nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Nxdomain redirect revenue

From: Owen DeLong <owen () delong com>
Date: Tue, 27 Sep 2011 16:09:03 -0700

On Sep 27, 2011, at 3:46 PM, Jimmy Hess wrote:


On Tue, Sep 27, 2011 at 5:29 PM, David E. Smith <dave () mvn net> wrote:

On Tue, Sep 27, 2011 at 17:08, Jimmy Hess <mysidia () gmail com> wrote:

That is, HTTPs should become assumed.

As much as that would be wonderful from a security standpoint, IMO
it's not realistic to expect every mom-and-pop posting a personal Web
site to pay extra for a static/dedicated IP address from their hosting
company (even if IPv6 were widely deployed, Web hosts probably would


Thanks to TLS  SNI (server name indication), a dedicated IP address is
no longer necessarily,
RFC 3546, 3.1.



Except when it is.


Yes, it is realistic to expect every mom-and-pop posting a personal
web site to utilize a provider that implements SNI,  and the sooner
they do it.



No, it isn't because it requires you to send the domain portion of the URL
in clear text and it may be that you don't necessarily want to disclose even
that much information about your browsing to the public.


It's also realistic to expect them to buy one of those $15  SSL certificates.
Heck....   1 year .COM  registration used to cost a lot more than that.



Meh... I disagree. I don't think there's any reason to encrypt web sites
that don't use authentication and are not providing personally identifying
information or other "secret" data. I run several web servers virtual and
real on one of my systems. Some of them have SSL, some of them don't.
Even the ones that have SSL don't encrypt everything. There's no reason
to encrypt that which does not need encryption and it's just an extra cost
in terms of server resources and client resources to do so.


We're not talking about huge recurring costs here.



That depends. If it's a popular web site that delivers a lot of content,
the additional CPU horsepower just to do the cryptography and the
additional power to drive it could actually be very significant.

For the average mom and pop, no, it's not a huge cost, but, neither is
it necessarily a cost worth bothering with.

Frankly, I don't expect static (or at least static-enough) addresses to
cost extra in IPv6. You can already get a /48 from Hurricane Electric
for free as long as you have IPv4 access. I suspect that eventually
other IPv6 providers will have to at least match that standard.

Owen
Previous By Date Next
Previous By Thread Next

Current thread: