undefined | Better HN

0 pointschatmasta9y ago0 comments

Ah, I see. I did not realize that. Accordingly, I edited my comment to be less inflammatory. :)

I understand that by using the generic CF free cert, https terminates at CF and the connection CF->Origin is over unencrypted HTTP. Is this why there is latency overhead? Because CF cannot connect to origin via https so it cannot open a persistent tunnel? Or is it because the overhead of keeping an open https tunnel per origin server is prohibitively expensive to maintain for every free customer?

I assume that even though there is no persistent tunnel, CF still must still use persistent TCP connections?

0 comments

floatboth9y ago

Maybe the cost is not completely prohibitively expensive but they do consider it a premium feature. Have to earn money :D

j / k navigate · click thread line to collapse

0 pointschatmasta9y ago0 comments

Ah, I see. I did not realize that. Accordingly, I edited my comment to be less inflammatory. :)

I assume that even though there is no persistent tunnel, CF still must still use persistent TCP connections?

0 comments

floatboth9y ago

Maybe the cost is not completely prohibitively expensive but they do consider it a premium feature. Have to earn money :D

j / k navigate · click thread line to collapse