Making a HTTP connection using SSL takes a long time, cause of encrypting, decrypting, sending certificates, creation of secretkeys, blablabla... but once the connection is there, things should speed up. remember you will always have a performance drawback cause of the encryption/decryption of the data. but it should not be too worse.
On Wed, 2002-08-21 at 10:51, Adrian Janssen wrote: > Its pretty quick I think, the biggest factor always tends to be the > transmission time of the HTTP document from server to client - generally by > a factor of 10, sometimes 100. If I were to guess, I would say that a 100K > document took less than a second to encode / decode at 128 bit encryption > level. This is just a guess, though hopefully it will solicit *well meaning* > corrections ;P > > Cheers > Adrian > > > -----Original Message----- > > From: randie ursal [SMTP:[EMAIL PROTECTED]] > > Sent: 21 August 2002 10:18 > > To: [EMAIL PROTECTED] > > Subject: Re: about SSL on servlet > > > > i guess using SSL through out the whole transaction even when not > > necessary can have > > some performance drawbacks....or am i wrong? =) > > > > Adrian Janssen wrote: > > > > > > as i undersand it this is what is suppused to happen i.e. sessions > > are NOT > > shared across http / https boundaries. I assume for security > > reasons. > > > > Why do you not just continue in https after login? > > > > > > > > > > -----Original Message----- > > From: randie ursal [ SMTP:[EMAIL PROTECTED] > > <mailto:SMTP:[EMAIL PROTECTED]>] > > Sent: 21 August 2002 08:23 > > To: [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]> > > Subject: about SSL on servlet > > > > hi, > > > > has anyone use SSL support for accessing your Servlet? > > > > because i have a question about session tracking on using > > both http > > and https to > > access my web applicaiton. > > > > here is the scenario, i make use of "https" (ex. > > "https://duncan:8443/test/LogIn.html"; > > <https://duncan:8443/test/LogIn.html>) > > for user login then i shift to "http" protocol for > > ordinary query by > > specifying the > > complete URL for the servlet > > (ex. "http://duncan:8080/test/testServlet"; > > <http://duncan:8080/test/testServlet>) to be called on the HTML > > form. > > > > what happen is that when i shift to "http" a new session > > has been > > created, > > is this really the behavior?...is there a way for me to > > keep only one > > session for both > > "http" and "https" request? > > > > thanks > > > > randie > > > > > > __________________________________________________________________________ > > _ > > To unsubscribe, send email to [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]> and include in the > > body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: > > <http://archives.java.sun.com/archives/servlet-interest.html> > > Resources: > > <http://java.sun.com/products/servlet/external-resources.html> > > LISTSERV Help: > > <http://www.lsoft.com/manuals/user/user.html> > > > > > > -- > > > > It is the strict policy of Truworths that its e-mail facility and > > all > > e-mail communications emanating therefrom, should be utilised for > > business purposes only and should conform to high professional and > > business standards. Truworths has stipulated certain regulations > > in > > terms whereof strict guidelines relating to the use and content of > > e-mail communications are laid down. The use of the Truworths e-mail > > facility is not permitted for the distribution of chain letters or > > offensive mail of any nature whatsoever. Truworths hereby > > distances > > itself from and accepts no liability in respect of the unauthorised > > use of its e-mail facility or the sending of e-mail communications > > for other than strictly business purposes. Truworths furthermore > > disclaims liability for any unauthorised instruction for which > > permission was not granted. Truworths Limited accepts no > > liability > > for any consequences arising from or as a result of reliance on this > > message unless it is in respect of bona fide Truworths business for > > which proper authorisation has been granted. > > > > Any recipient of an unacceptable communication, a chain letter or > > offensive material of any nature is requested to notify the > > Truworths > > e-mail administrator ( [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>) immediately in order that > > appropriate action can be taken against the individual concerned. > > > > > > __________________________________________________________________________ > > _ > > To unsubscribe, send email to [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]> and include in the body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: > > <http://archives.java.sun.com/archives/servlet-interest.html> > > Resources: > > <http://java.sun.com/products/servlet/external-resources.html> > > LISTSERV Help: <http://www.lsoft.com/manuals/user/user.html> > > > > > > > > > > > > > > -- > > > > Randie V. Ursal > > Design Engineering Department > > NEC Telecom Software Philippines, Inc. > > office : +63(032) 233-9142 (loc.3119) > > mobile : +63(0917) 467-8244 > > email : [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > -- > > It is the strict policy of Truworths that its e-mail facility and all > e-mail communications emanating therefrom, should be utilised for > business purposes only and should conform to high professional and > business standards. Truworths has stipulated certain regulations in > terms whereof strict guidelines relating to the use and content of > e-mail communications are laid down. The use of the Truworths e-mail > facility is not permitted for the distribution of chain letters or > offensive mail of any nature whatsoever. Truworths hereby distances > itself from and accepts no liability in respect of the unauthorised > use of its e-mail facility or the sending of e-mail communications > for other than strictly business purposes. Truworths furthermore > disclaims liability for any unauthorised instruction for which > permission was not granted. Truworths Limited accepts no liability > for any consequences arising from or as a result of reliance on this > message unless it is in respect of bona fide Truworths business for > which proper authorisation has been granted. > > Any recipient of an unacceptable communication, a chain letter or > offensive material of any nature is requested to notify the Truworths > e-mail administrator ([EMAIL PROTECTED]) immediately in order that > appropriate action can be taken against the individual concerned. > > ___________________________________________________________________________ > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body > of the message "signoff SERVLET-INTEREST". > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > Resources: http://java.sun.com/products/servlet/external-resources.html > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
