We are in a slight of relocating the web settlement to a new environment.
Included are dozens of opposite sites trimming from roughly totally
stationary to enterprising sites requiring authentication and containing
understanding content. Our web server admins have (without any quarrel
from a growth team) solid to make it a customary in a new sourroundings to
force SSL for everything. we do not establish with this preference and
would like to have as many trust as illusory when we lay down to plead it.
Here's what we have so far:For any site, an SSL certificate has a proceed
cost. We have a dev, qa, and poke sourroundings and so that is 3
certificates that are indispensable for any siteFor a decrease of pages, a
calm is not secure and forcing SSL would make a page requests take longer
on a server since of encrypting and decrypting From what we understand,
many browsers to do not cache pages that are SSL'ed and so again, page
requests will take longerOlder browsers have problems with record
downloads when they are SSL'edI do not have an emanate with forcing SSL
when users are authenticating or they are requesting understanding data.
However, we cruise forcing SSL by default on all sites is a bit much.
No comments:
Post a Comment