On Wed, Sep 24, 2003 at 12:01:19PM -0400, Geoff Thorpe wrote: > Well I think it depends if your hardware could be used for the > purposes of scalability and throughput. If so, this approach is a > naive way to "improve the user experience" because in reality it blows > away all attemps by the architect/admins to have any congestion > management. With respect, these are the only people who have the > budgets and time to think about buying dedicated crypto hardware > anyway, right? > > <technical rant> > So if you choose the number of accelerators to address what you see as > appropriate resourcing for SSL/PKC demands, and you resource your > web-server (or whatever) hosts to cover what you foresee as > appropriate for web/application/accelerator-"controller" purposes, > then how do you keep an overload in one component from bringing down > the rest?
[...] Fair enough; I've updated the ticket with one that leaves software fallback disabled unless OPENSSL_NCIPHER_FALLBACK=on or an ENGINE control command is used. Cheers, -- Colin Watson [EMAIL PROTECTED] Software Engineer nCipher Corporation Limited ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
