On Thu, Jun 26, 2008 at 11:40:42AM -0700, Cliff Wells wrote:
On Wed, 2008-06-25 at 15:53 -0400, Dan M wrote:
On Tue, Jun 24, 2008 at 6:45 AM, Stephen Nelson-Smith
<sane...@public.gmane.org> wrote:
Hi,
SSL operations are CPU intensive, so it makes sense to use as much cores
as possible.
You can offload SSL operations onto a hardware accelerator card. There
are several vendors available:
http://www.openbsd.org/crypto.html#hardware
OpenBSD has native support for them. Don't see why others wouldn't.
OpenSSL has support for several hardware crypto devices.
Getting even further off-topic, I've often wished OpenSSL would support
GPU's for doing crypto:
http://majuric.org/software/cudamd5/
Lot's of servers have completely under-utilized GPU's and a fast video
card is still quite a bit cheaper than a dedicated crypto device.
The most expensive SSL operation is handshake using public key encryption.
On the second place are symmetric ciphers such as DES, RC4, and AES.
The hashing algorithms (MD5/SHA) are on the third place and modern CPUs
evalute MD5 fast enough.
20 messages in ru.sysoev.nginxRe: AJP Support
