You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by ABAPGUY <ab...@yahoo.com> on 2006/09/30 04:44:11 UTC
[users@httpd] Internet Explorer : Adding Apache Reverse Proxy toTrusted Sites improves SSL performance
Hi all,
experimenting with speeding up https performance I
added our Apache Reverse Proxy to the Trusted Sites in
Internet Explorer ..and suddenly https performance
increased . I expect this was due to the browser
suddenly using Low Security settings and I guess could
experiment with the Security Settings 1 by 1 to find
out which one impacted performance positively ..but
just in case someone has done this already ...any
ideas which setting(s) in IE might be responsible ?
P.S. I already had use HTTP 1.1 clicked for both
direct and proxy connections .
Regards Daniel
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Internet Explorer : Adding Apache Reverse Proxy
toTrusted Sites improves SSL performance
Posted by "William A. Rowe, Jr." <wr...@rowe-clan.net>.
ABAPGUY wrote:
> Hi all,
> experimenting with speeding up https performance I
> added our Apache Reverse Proxy to the Trusted Sites in
> Internet Explorer ..and suddenly https performance
> increased . I expect this was due to the browser
> suddenly using Low Security settings and I guess could
> experiment with the Security Settings 1 by 1 to find
> out which one impacted performance positively ..but
> just in case someone has done this already ...any
> ideas which setting(s) in IE might be responsible ?
> P.S. I already had use HTTP 1.1 clicked for both
> direct and proxy connections .
I hope not. A trusted site could demand strong cryptography, if that's
what you hit I'd strongly encourage you to notify Microsoft, and now that
you've published it, bugtraq.
That said, and without time to research on my own, I'd suggest it isn't
very likely. You can add the ciphersuite in use to the various log
fields for your successful requests, to see if a weaker one is really
in use.
But mostly likely, Trusted Sites requires stronger identification of the
target machine, not weaker, and therefore you are probably seeing lag from
forward and reverse DNS lookups occurring to try to catch DNS cache
pollution.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org