On 2/3/06, Cyril Plisko <cyril.plisko at gmail.com> wrote: > On 2/3/06, Dennis Clarke <blastwave at gmail.com> wrote: > > On 2/2/06, Cyril Plisko <cyril.plisko at gmail.com> wrote: > > > > > > polaris.blastwave.org is up and running. I was about to make an > > > announcement, but the word got out. I think that this kind of > > > collaboration tool > > > is of great importance for community and it'll demonstrate its value very > > > soon. > > > > First thing I'd like to do is get a real SSL site cert for security. > > Why ? And this machine isn't too fast to make it run crypto all the time. > Do we really need it there ? >
Anytime a web site requires a person to enter a password it needs to be _at_least_ encrypted and at most we need RSA ACE server with PRNG key fobs. This is a basic security step and its entirely reasonable. As for fast, running SSL with Apache barely uses 2% of the CPU. The lists server lists.blastwave.org uses SSL and it has no issues with performance. The CPU usage is not even measurable. Dennis
