Ryan Lane wrote:
To be a little more on subject: I don't think it'll be a major difference between using ssl for just login, and using it for all logged in user actions. One of the more expensive parts of https is the connection. If we are logging them in, we are already doing the more expensive part, why not continue on and make the site truly secure?
But really, I should have just ignored this thread since it was mostly a troll.
- Ryan Lane
Wouldn't each page view mean a connection, and a ssl handshake? Or are you thinking on keep-alives?