meltdown cache encryption

Miguel González miguel_3_gonzalez at
Mon Jan 29 17:53:21 UTC 2018

> There are no plans to open source Varnish Total Encryption, and using
> HTTPS by the means of a proxy on the same server as Varnish won't help
> either. To mitigate Meltdown and Spectre, you need an updated kernel
> and Linux doesn't completely mitigate Spectre yet (a recent GCC
> release address the second Spectre variant with the "retpoline" patches).

when is expected those issues are solved? With OS issues mitigated,
Varnish would be safe?

> You should mostly be worried about Meltdown and Spectre if you are
> running Varnish on shared machines provided by a hosting company (aka
> cloud provider). 

I do myself host several sites, should I be worried then?

Thanks for answering!


This email has been checked for viruses by AVG.

More information about the varnish-misc mailing list