On 11.12.2016 11:07, Niklas Edmundsson wrote:
We do however recommend using HTTP and signatures rather than relying on HTTPS for file integrity.
We always use signatures if available. HTTPS is just a bonus for privacy.
While the CPU load of HTTPS on clients is negligable, the server CPU load becomes quite a task for organizations like ACC that are running on 5+ years old donated hardware. Especially when combined with the goal of being able to push multiple tens of gigabits...
I'm not sure how to understand that. I can't control how our users connect to your server if I list both URLs. I'd expect them to switch to HTTPS, but if you feel like you can't handle the load, it's probably better if I don't list it.
What do you want me to do?