On 11/21/18 4:00 PM, Gerhard Schweiger wrote on bugs@: > Then comes in openbsd 6.1 amd64, and now the same huge speed difference > between with or without encryption as found on OpenBSD 6.4.Is there any > tweak I could test or is this just bad luck on my VPS or something else? > Speed goes down so badly you can notice it very clearly on photo gallery > but even on static html, site is kind of "slow" when using https.
There were some constant time changes that had a significant impact. Not sure if the impact was reduced or not or if that is even the cause here. Lol, Google says https is faster without mentioning parameters! Akin to a lie, evil or not. If you can upgrade to hw or a processor with AES-NI (hw acceleration), I guess you will be ~10* faster than you had before 6.1 with AES and still be constant time. Incidentally, does anyone know a good ciphers string to select AES only on OpenBSD httpd? I know it may use a bit more power for phone clients, but any other downsides? All countries can use AES these days, right?
