https://bugzilla.wikimedia.org/show_bug.cgi?id=53259
--- Comment #2 from Seb35 <[email protected]> --- The blog post [1] explains the "forward secrecy" property only adds a +15% in CPU load for ECDHE ciphers, but +300% for simple DHE ciphers. Probably the Operations team should carefully review this bug before activating it for performance reasons. Nowadays only Chromium and Firefox support FS, Opera only supports DHE ciphers and Internet Explorer don’t support FS; I don’t know for Safari. This other blog post [2] (and blog) explains how Google configured FS: why they chosed ECDHE (this performance reason) and how they configured session tickets. [1] http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html [2] https://www.imperialviolet.org/2011/11/22/forwardsecret.html -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
