It's slightly larger than 300 hostnames, although not nearly the 14.5k that HTTPS Everywhere is: https://code.google.com/p/chromium/codesearch#chromium/src/net/http/transport_security_state_static.json
On Tue, Mar 17, 2015 at 11:57 AM Jacob Hoffman-Andrews <[email protected]> wrote: > On 03/16/2015 11:37 PM, Dave Warren wrote: > > I'm curious if anyone has ever looked at HTTPS Everywhere's database > > and considered dropping sites that are in preloaded HSTS lists? -- I'm > > assuming that part of the performance impact is linked to the number > > of rules, and under this theory, it seems like reducing the number of > > rules without reducing security would be a net win. > I've definitely considered this, but I think it's not likely to be a big > performance win. As I understand it, there are ~300 hostnames on the > preloaded list (updated numbers welcome!), vs ~14.5k rulesets in HTTPS > Everywhere, with many hostnames per ruleset. > > I'm extremely interested in improving the performance of HTTPS > Everywhere with regards to both CPU and RAM. If you are interested in > doing some work in the area, I would really appreciate it. I think the > first step would be to do a CPU and RAM profile of the extension under > some example usage (i.e. open N URLs that have either a top-level > rewrite or many embedded rewrites). > _______________________________________________ > HTTPS-Everywhere mailing list > [email protected] > https://lists.eff.org/mailman/listinfo/https-everywhere >
_______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
