Hello,
1. Can someone point out some benchmark comparing Apache (and other
webservers)
performance while using SSL vs. Servlet. Number of connections, CPU load,
etc?
2. Besides encrypting important data (such as credit cards), which I want to
make sure
no one is reading along the way to the server, is there a reason not to
use Servlet
for user authentication? session tracking? Are Servlets secure enough?
It seems to me that sites like Amazon are doing exactly this - using ssl
for
credit card transactions and some other session tracking mechanism for
the rest.
Am I right?
thanks,
Zvika.
