Not particularly relevant to the Wikimedia Foundation
(which is using
Squid and will probably switch to another open source software web
load balancer in the future). But relevant for many/most commercial
organizations running large websites.
We use LVS w/ pybal for load balancing, not squid; otherwise, you are
right. We don't use hardware load balancers, and likely will not in
the foreseeable future.
To be a little more on subject: I don't think it'll be a major
difference between using ssl for just login, and using it for all
logged in user actions. One of the more expensive parts of https is
the connection. If we are logging them in, we are already doing the
more expensive part, why not continue on and make the site truly
secure?
But really, I should have just ignored this thread since it was mostly a troll.
- Ryan Lane