Should I host my entire web application using https?
Posted
by
user54455
on Server Fault
See other posts from Server Fault
or by user54455
Published on 2010-11-11T10:45:40Z
Indexed on
2011/01/04
14:55 UTC
Read the original article
Hit count: 150
Actually my only requirement for using SSL encryption is that when a user logs in, the password is transferred encrypted. However after reading a bit about protocol switching, that an HTTPS session can't be taken over as an HTTP session etc. I've been asking myself if it's so bad to just have the entire application use HTTPS only.
What are the reasons against it and how would you rate their importance? Please also mention:
- How much performance do I lose on server side (roughly)?
- How much performance do I lose on client side (roughly)?
- Any other problems on server / client side?
© Server Fault or respective owner