[ARIN-consult] Fwd: [ARIN-Suggestions] NEW ACSP 2018.3: Automatically Redirect Whois Queries to Secure URL
Steve Pointer
spointer at humdai.net
Fri Mar 16 14:04:26 EDT 2018
>
> There is no reason to add SSL overhead to all queries just because.
>
SSL/TLS does not just give privacy, it also certifies that the published
site has not been tampered with (man-in-the-middle). I would suggest
that as the purpose of the whois database is to serve accurate data,
including information which may be of use to professionals dealing with
cybersecurity events, that the request is totally reasonable, and not
"just because".
The overhead for HTTPS is real on older hardware, however the most
recent generations of CPU have some new fangled magic bit which whilst
I do not claim to know how it works, but does have the effect that the
HTTPS overhead is very much reduced in real life implementations.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20180316/33fd9dda/attachment.html>
More information about the ARIN-consult
mailing list