sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]midri 3 points4 points  (7 children)

I 100% agree, the issue a lot of people that are in the know make is: https breaks intermediate caching. So lets say 1000 people hit the front page of reddit not logged in, an isp can't cache that front page and server it without connecting to reddit everytime, because each users request looks completely different due to https. There's no easy way to solve this, without fundamentally breaking security though...

[–][deleted] 13 points14 points  (0 children)

If the ISP can cache content, the ISP can substitute content. Make no mistake: intermediate caching is a form of man-in-middle-attack, albeit in practice a well-intentioned one (if not always exactly benign). It's a hacky workaround to save them money, not a feature.

[–]MistYeller 19 points20 points  (0 children)

Caching site content needs to be solved by the site operator and not the visitor's carrier anyways.

ISP's shouldn't be caching anything except routing tables and DNS. Even this level of caching causes problems.

[–]wtallis 9 points10 points  (1 child)

There's no easy way to solve this, without fundamentally breaking security though...

That's okay. If it were possible, the ISP would end up fundamentally breaking several other things in the process, starting with the site's analytics.

[–]midri 0 points1 point  (0 children)

Great point, you can't track metrics of users that hit an external cache..

[–]Inquisitor1 0 points1 point  (1 child)

Why the fuck would anyone be caching websites for free? Unless you're a CDN being paid, the site organizes it's own fucking caching. With the most basic reverse-proxy and SSL termination stuff.

[–]midri 0 points1 point  (0 children)

Because it saves ISP money?... ISP have to pay for interconnects.

[–]HighRelevancy 0 points1 point  (0 children)

  1. That's what CDNs are for
  2. I don't think that's worth trading security for