Re: domain based load balancing
Hi Willy, Thank you for that great software ! On Wed, Dec 5, 2012 at 8:11 PM, Willy Tarreau w...@1wt.eu wrote: Is there a better way of accomplishing this? Have you thought about hashing the Host header (for example) ? Just an idea, I don't know how that fits your need. Can you give an example of that idea ? Regards, Alexandre
Re: FW: SSL OCSP Stapling
On Tue, Nov 6, 2012 at 8:08 PM, Willy Tarreau w...@1wt.eu wrote: I believe the official word at one point was that OCSP stapling of chains should be accomplished by including the entire chain in the OCSP request, delivering that compound OCSP response via the TLS Certificate Status Request extension. And do you know how large this could be for average web sites ? Maybe there is a cross-over point where doing so has a more negative impact than letting the client check by itself ? CloudFlare´s announcement about OCSP (and a partnership with GlobalSign) makes they https client sites 30% faster. http://techcrunch.com/2012/11/01/cloudflare-globalsign-make-ssl-faster/