On Fri, May 3, 2013 at 3:06 PM, Jay Ashworth <jra@baylink.com> wrote:
It occurs to me that I don't believe I've seen any discussion of the Unexpected Consequence of pervasive HTTPS replacing HTTP for unauthenticated sessions, like non-logged-in users browsing sites like Wikipedia.
That traffic's not cacheable, is it? Proxy caches on services like mobile 3/4G, or smaller ISPs, or larger corporations can't cache it, I wouldn't think, which means both that they will see traffic increases, and that the end sites will as well.
Has this been discussed and I missed it? Do I improperly understand transparent caching? Or is this just a bomb waiting to go off?
I assume that Wikipedia themselves are on top of the idea that their in-house reverse-proxies won't be carrying that traffic (though I don't actually know what their architecture looks like anymore), but..
Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
TLS/SSL can be applied at the loadbalancer/caching proxy for service providers like Wikipedia. As you may already know products like Apple's IPhone include CA that can allow groups like the DOD to do chain-loading to allow their proxies to be MITM systems(super scary, in more systems than the one mentioned.). Yes it is a bomb but only from the ISP caching point of view, not the provider caching point of view. -- ~ Andrew "lathama" Latham lathama@gmail.com http://lathama.net ~