nanog mailing list archives
Re: [EXTERNAL] Re: Flow collection and analysis
From: Chris Adams <cma () cmadams net>
Date: Wed, 26 Jan 2022 08:26:38 -0600
Once upon a time, Laura Smith <n5d9xq3ti233xiyif2vp () protonmail ch> said:
I don't know about anyone else here, but frankly in 2022 TLS support should be a first class citizen. If I have to mess around with running something else as a proxy in front of it then that's the end of my software evaluation. Crypto is no longer "nice to have" option these days.
Having every thing under the sun trying to implement the complexities of TLS leads to lots of failures and security issues... so lots of web things are designed to be simple and only implement HTTP, listen on localhost, and let a well-optimized front-end (e.g. nginx) handle the crypto side (as well as all the weird things browsers do). It also makes it easier from an system admin point of view, because handling cert updates in nginx is easy and well-known, so you don't have to figure out 27 different ways alternate software handles certs and updates. -- Chris Adams <cma () cmadams net>
Current thread:
- Re: [EXTERNAL] Re: Flow collection and analysis, (continued)
- Re: [EXTERNAL] Re: Flow collection and analysis Mel Beckman (Jan 26)
- Re: [EXTERNAL] Re: Flow collection and analysis Nick Suan via NANOG (Jan 26)
- Re: [EXTERNAL] Re: Flow collection and analysis Mel Beckman (Jan 26)
- Re: [EXTERNAL] Re: Flow collection and analysis Eric Kuhnke (Jan 27)
- Re: [EXTERNAL] Re: Flow collection and analysis Mel Beckman (Jan 27)
- Re: [EXTERNAL] Re: Flow collection and analysis Laura Smith via NANOG (Jan 28)
- RE: [EXTERNAL] Re: Flow collection and analysis Jean St-Laurent via NANOG (Jan 28)
- Re: [EXTERNAL] Re: Flow collection and analysis Marcel Mitsuto (Jan 28)
- Message not available
- RE: [EXTERNAL] Re: Flow collection and analysis Laura Smith via NANOG (Jan 28)
- Re: [EXTERNAL] Re: Flow collection and analysis Laura Smith via NANOG (Jan 28)
- Re: [EXTERNAL] Re: Flow collection and analysis Chris Adams (Jan 26)
- Re: [EXTERNAL] Re: Flow collection and analysis Eric Kuhnke (Jan 27)
- Re: [EXTERNAL] Re: Flow collection and analysis John Schiel (Jan 25)