Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Hah, when they say "only a handful of vendors" that includes load balancer vendors like F5 and A10, which truckloads of ecommerce sites rely on for ssl offload. Its a simple code update to fix, but I remember doing a 4am loadbalancer reboot when my CTO's chrome auto-updated and all of a sudden he couldn't get to our https stuff (the important stuff).


Interesting - we use F5 load balancers for SSL offload, as do a huge percentage of the interwebs. If F5 didn't support False Start, I suspect a good deal more than 0.4% of the SSL websites would be affected.

Do you think maybe it's something like an older version of F5 BigIP firmware that doesn't support False Start?


Yea thats what I meant by 'simple code update'. All the vendors have long since put out fixes.


No surprise there: the faster SSL gets, the more people will want to buy F5 and others to simplify deployment of it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: