[erlang-questions] Yaws with HTPPS authentication + HTTP

[Hubert Matthews]

Patrick wrote:
> Generally https data transfer is encrypted with ssl, but if i use 
> session identifiers then what is the difference between http and 
> https? Generally as i understand https is much more heavy on cpu
> than his counterpart. But without certificate authentication what
> is the advantage of https anyway?

On modern machines the overhead of SSL is insignificant except for
very large sites.  Even then the CPU usage is primarily when
establishing a session.  If security is a concern then just use SSL
for everything.  I doubt you'll notice the difference.  Even if you do
then the time and cost of fiddling with a software solution will
probably pay for an extra box.

-- 
Hubert Matthews         http://www.oxyware.com/
Software Consultant     hubert@REDACTED