From owner-freebsd-security@FreeBSD.ORG  Tue Oct 21 20:40:44 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BB66616A4B3
	for <security@freebsd.org>; Tue, 21 Oct 2003 20:40:44 -0700 (PDT)
Received: from smtp3.sentex.ca (smtp3.sentex.ca [64.7.153.18])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C6B3043F75
	for <security@freebsd.org>; Tue, 21 Oct 2003 20:40:43 -0700 (PDT)
	(envelope-from mike@sentex.net)
Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18])
	by smtp3.sentex.ca (8.12.9p2/8.12.9) with ESMTP id h9M3egeW008019;
	Tue, 21 Oct 2003 23:40:42 -0400 (EDT)
	(envelope-from mike@sentex.net)
Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27])
	by lava.sentex.ca (8.12.9p2/8.12.9) with ESMTP id h9M3efYI027499;
	Tue, 21 Oct 2003 23:40:42 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <6.0.0.22.0.20031021233604.0807f8a0@209.112.4.2>
X-Sender: mdtpop@209.112.4.2 (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 6.0.0.22
Date: Tue, 21 Oct 2003 23:44:48 -0400
To: Bill Swingle <unfurl@dub.net>, security@freebsd.org
From: Mike Tancsa <mike@sentex.net>
In-Reply-To: <20031022032740.GA2605@dub.net>
References: <20031022032740.GA2605@dub.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: by amavisd-new
Subject: Re: hardware crypto and SSL?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Oct 2003 03:40:44 -0000


Dont know about http ssl, but I am using the cards from Soekris for my 
backup server.  As long as you use 3des for encryption, it does make a big 
difference CPU wise.   The next generation cards supposedly have AES and 
public key generation, but I dont think the driver will do the public key 
stuff. The safe driver says it does, but I dont know where to get such cards.

         ---Mike

At 11:27 PM 21/10/2003, Bill Swingle wrote:
>Is anyone successfully using some sort of hardware crypto solution to
>combat the overhead of SSL in http transactions? I'd love to hear
>anything good or bad about this.
>
>-Bill
>
>--
>-=| Bill Swingle - <unfurl@(dub.net|freebsd.org)>
>-=| Every message PGP signed
>-=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E  6414 5200 1C95 8E09 0223
>-=| "Computers are useless. They can only give you answers" Pablo Picasso
>
>
>