On Fri, May 3, 2013 at 3:06 PM, Jay Ashworth <j...@baylink.com> wrote: > It occurs to me that I don't believe I've seen any discussion of the > Unexpected Consequence of pervasive HTTPS replacing HTTP for unauthenticated > sessions, like non-logged-in users browsing sites like Wikipedia. > > That traffic's not cacheable, is it? Proxy caches on services like > mobile 3/4G, or smaller ISPs, or larger corporations can't cache it, I > wouldn't think, which means both that they will see traffic increases, > and that the end sites will as well. > > Has this been discussed and I missed it? Do I improperly understand > transparent caching? Or is this just a bomb waiting to go off? > > I assume that Wikipedia themselves are on top of the idea that their > in-house reverse-proxies won't be carrying that traffic (though I don't > actually know what their architecture looks like anymore), but.. > > Cheers, > -- jra > -- > Jay R. Ashworth Baylink > j...@baylink.com > Designer The Things I Think RFC 2100 > Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII > St Petersburg FL USA #natog +1 727 647 1274
TLS/SSL can be applied at the loadbalancer/caching proxy for service providers like Wikipedia. As you may already know products like Apple's IPhone include CA that can allow groups like the DOD to do chain-loading to allow their proxies to be MITM systems(super scary, in more systems than the one mentioned.). Yes it is a bomb but only from the ISP caching point of view, not the provider caching point of view. -- ~ Andrew "lathama" Latham lath...@gmail.com http://lathama.net ~
