hi all!
In the hope i'm not clubbing a diseased donkey, i'd like to share an idea i ran
across: we could use the RC4-128 cypher for
secure.wikimedia.org, instead of
AES256. RC4 is reportedly a lot faster (3 to 4 times the throughput). Since CPU
capacity for encryption has been mentioned as one of the problems with making
secure.wikimedia.org reliable, I thought it might help.
Note that even though the use of RC4 in WEP led to WEP being broken, RC4 is
still fine for use with SSL. The attacks that broke WEP don't apply there
<http://www.rsa.com/rsalabs/node.asp?id=2009>,
<http://blog.ivanristic.com/2009/08/is-rc4-safe-for-use-in-ssl.html>. Google and
BankOfAmerica, among others, seem to trust in this :)
-- daniel