On 15 February 2010 23:35, Stuart Bishop <[email protected]> wrote: >> I think there is still some potential, but it's not quite as good as I >> hoped, mostly because API calls (from Australia) are very slow, >> commonly more than 2 seconds each. Doing an api call is not > > If there was a way of keeping the SSL connection open, I think this would be > much, much faster. I'm not sure if we will ever be able to move the API off > https: - maybe the client can be taught enough to tell if what it is sending > is private and needs to be sent over a secure chanel or if our auth is > sufficiently resistant to man in the middle type attacks.
In principle if both the client and server are smart enough then the ssl connection should never need to close, until one or the other gets bored. I have no idea what practical impediments there may be. -- Martin <http://launchpad.net/~mbp/> _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
