Comment 1 Hans de Graaff 2011-03-07 09:33:38 UTC

fwiw I don't really see slowness with SSL, at least not that I notice (or worse than before). Do we have a standard way to measure this other than loading through the browser? Gathering some statistics might be useful.

(In reply to comment #1)
> fwiw I don't really see slowness with SSL

I really doubt SSL would be the culprit.


> Do we have a standard way to measure this other than loading
> through the browser? Gathering some statistics might be useful.

You could use WebService, and see how fast it is.

I was curious, so I ran Wireshark. It looks like, for Opera anyway, a lot of time is spent grabbing CRLs and OCSP responses from CAcert, and not actually talking to b.g.o.

Comment 4 Robin Johnson 2011-04-25 07:42:05 UTC

Disabling the OCSP/CRL, how much faster does it load?

Comment 5 Christian Ruppert (idl0r) 2011-04-25 13:14:17 UTC

CC'ing mgorny and nirbheek here.

Also it should be faster at all since we switched to mod_perl recently.

Comment 6 Michał Górny 2011-04-25 15:04:52 UTC

(In reply to comment #5)
> CC'ing mgorny and nirbheek here.
> 
> Also it should be faster at all since we switched to mod_perl recently.

Yeah, it seems very fast ATM.

Comment 7 Nirbheek Chauhan (RETIRED) 2011-04-25 16:09:56 UTC

Loads quite swiftly now, thanks!

Comment 8 Christian Ruppert (idl0r) 2011-04-25 16:22:27 UTC

Ok, thanks. So we will turn it back on again as soon as we got our new cert(s).

Comment 9 Jeroen Roovers (RETIRED) 2011-04-25 19:54:54 UTC

Well, you pinged me in #gentoo-dev about it and I said it was much improved. The XML-RPC thingy or whatever it is that inserts contacts in response to typing is too laggy for me to be useful, but that is probably not related to HTTPS, and otherwise I have no more complaints.