[MacPorts] howto/SyncingWithSVN modified
Blair Zajac
blair at orcaware.com
Sat Mar 24 21:20:24 PDT 2012
On 3/24/12 8:02 PM, Jeremy Lavergne wrote:
>> Is SSL necessary for end users syncing their local checkouts in a
>> read-only operation, for committers submitting revisions, or for both?
>> I could see benefits to ensuring commit operations are secure, but
>> have doubts about checkouts.
>> Encoding and decoding data burns CPU cycles and in turn watts; if the
>> data transferred in a checkout operation is neither private nor
>> sensitive, is the increased energy cost justified?
>
> I wouldn't want someone manipulating the portfiles going into port, a program that runs as root.
Agreed. And the CPU cost these days is negligible:
"""Yes, in the hoary old days of the 1999 web, HTTPS was quite computationally
expensive. But thanks to 13 years of Moore's Law, that's no longer the case.
It's still more work to set up, yes, but consider the real world case of GMail:
In January this year (2010), Gmail switched to using HTTPS for everything by
default. Previously it had been introduced as an option, but now all of our
users use HTTPS to secure their email between their browsers and Google, all the
time. In order to do this we had to deploy no additional machines and no special
hardware. On our production frontend machines, SSL/TLS accounts for less than 1%
of the CPU load, less than 10KB of memory per connection and less than 2% of
network overhead. Many people believe that SSL takes a lot of CPU time and we
hope the above numbers (public for the first time) will help to dispel that."""
Blair
[1]
http://www.codinghorror.com/blog/2012/02/should-all-web-traffic-be-encrypted.html
More information about the macports-dev
mailing list