meltdown cache encryption
Miguel González
miguel_3_gonzalez at yahoo.es
Mon Jan 29 17:53:21 UTC 2018
> There are no plans to open source Varnish Total Encryption, and using
> HTTPS by the means of a proxy on the same server as Varnish won't help
> either. To mitigate Meltdown and Spectre, you need an updated kernel
> and Linux doesn't completely mitigate Spectre yet (a recent GCC
> release address the second Spectre variant with the "retpoline" patches).
when is expected those issues are solved? With OS issues mitigated,
Varnish would be safe?
>
> You should mostly be worried about Meltdown and Spectre if you are
> running Varnish on shared machines provided by a hosting company (aka
> cloud provider).
I do myself host several sites, should I be worried then?
Thanks for answering!
Miguel
---
This email has been checked for viruses by AVG.
http://www.avg.com
More information about the varnish-misc
mailing list