Le 16/06/2016 22:13, Dan Purgert a écrit :
Pascal Hambourg wrote:Le 16/06/2016 18:18, Dan Purgert a écrit : 1)So, the fact that HTTPS doesn't ~actually~ provide you with any security when a "malicious party" has root accesss to the webserver,AND that it adds overhead to the transmissionDoes it really add network overhead of just CPU overhead on the server ?CPU on both ends,
Sure, but the server is most concerned, a client does not usually handle hundreds or thousands of concurrent HTTPS connections.
as well as making the overall amount of data transmitted somewhat larger. This is because encrypted blocks have specific size requirements (...) Remeber that a single packet can only carry 1460 bytes, before accounting for services that specify MTUs <1500 . If you're using something like 64-byte blocks for the encryption scheme (which is fairly common, so I'm going with that from here on out), you're limited to only sending 1408 bytes / packet of actual data, assuming zero overhead. For the 660 602 880 bytes of "cd1" from the debian installer suite, this means you're transmitting 469,178 fully loaded packets, plus 1 partial (approx 315 bytes) ... or a total transmission of 689 691 975 bytes.
Hmm. I don't know how SSL works, but HTTPS runs on top of TCP so I doubt that it cares about IP packet size. The task of splitting the TCP payload stream into IP packets is done by the TCP layer.