On 12/07/2015 05:06 PM, William A Rowe Jr wrote:
On Mon, Dec 7, 2015 at 2:39 PM, Ron Croonenberg <ronc@xxxxxxxx
<mailto:ronc@xxxxxxxx>> wrote:
Hello,
I a building a storage system, using HTTP/HTTPS for ingesting data.
I would like to use the authentication over HTTPS, while after that
I want no encryption on the data because of peformance.
Then you probably don't understand the performance impact of TLS.
To help Ron out a little... he's coming from this conversation [1] on the openssl-users mailing list, where he's described his rather unusual network topology already.
I'm still unsure as to whether or not his proposed solution is secure... but I am convinced that his use case is atypical.
Otherwise, any man-in-the-middle can observe the data in transit and alter the data passed between your client and backend storage server
Wait, why does the use of NULL encryption have any effect on the authenticity/integrity characteristics of the cipher? I asserted otherwise on openssl-users and was not corrected...
--Jacob [1] https://marc.info/?t=144900982700003&r=1&w=2 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|