Package: pound
Version: 2.2.7-2
Severity: normal

I noticed that pound was using far more CPU time than the backend
servers behind it, which struck me as strange.

Upon investigation it appears that it regenerates 2 x 11 RSA keys every
300 seconds. On my not too shabby system that takes about 5 seconds, or
20 minutes every day.

Now this may be a good thing security-wise, but I'm not even using pound
for SSL connections!  Only plain HTTP connections go through it. It also
removes entropy from the pool for things that need it, which IMHO is
wasteful.

I modified my local copy to only regenerate every 24 hours, and that's
much better. However, a couple of suggestions came to mind:

- only regenerate keys that have actually been used
- make the regeneration period configurable
- why 11 times? Why not 10, or 12, or 16? Make this configurable?


thanks,
Paul Slootman

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (650, 'testing'), (625, 'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-rc5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


