[afnog] privacy vs caching

Mark Tinka mark.tinka at seacom.mu
Mon Dec 22 09:24:34 UTC 2014


On Sunday, December 21, 2014 07:54:47 PM Randy Bush wrote:

> caching is very difficult with end-to-end encryption as
> the cache does not have the private keys of the server. 
> the ietf is in a bit of a muddle on this.  should one
> allow middle-boxes to break the encryption and fake it?

I hate middleware.

> so which is more important to you and your customers
> (think consumers, banks, news sites, ...), end-to-end
> encryption to ensure privacy, or caching to reduce
> bandwidth consumption and improve latency?

A compromise would be distributed encrypted services, 
provided by CDNs.

Some of the popular CDNs now deploy HTTPS content in 
Africa, and while it is not yet widespread, it's certainly 
a start.

Encryption is as important as low latency (whichever is your 
use-case, if not both). But inherently, those very keen on 
security have generally been willing to take a latency hit. 
I'd be willing to take the latency hit to avoid middleware 
intercepting my "secure content".

Mark.