Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Github is generally pretty nippy for me, and it's a pleasure to work with.

Just 2 performance concerns I've noticed:

1. The network graph https://github.com/<username>/<repo>/network seems very sluggish to render

2. The API is slower than normal for HTTPS

Usage: $> time curl -i https://<site>/ For comparison (2nd request's):

* https://www.googleapis.com/ 187ms

* https://graph.facebook.com/ 175ms

* https://api.github.com/ 400-700ms

Not sure if anyone else noticed this



That's easy: googleapis.com and facebook.com use 1024 bit RSA keys, github uses 2048 bit. So the initial handshake is slower and the performance on your end is probably the main bottleneck.

(by the way, RSA labs deprecated the use of 1024 bit keys in 2003(!), so one could say that googleapis and fb use snake oil rather than ssl ...)


Key size of 1024 vs. 2048 bits should not account for 225 ms of latency. Here's the result of "openssl speed rsa" on a mid-grade desktop computer.

                    sign    verify    sign/s verify/s
  rsa  512 bits 0.000217s 0.000014s   4608.1  72363.4
  rsa 1024 bits 0.000711s 0.000032s   1406.0  30788.2
  rsa 2048 bits 0.003630s 0.000092s    275.5  10825.0
  rsa 4096 bits 0.021180s 0.000299s     47.2   3349.2
In other words, the difference between 1024 and 2048 bits for the server is 2.9 milliseconds, two orders of magnitude less than the latency the parent comment posted.

Second, it has nothing to do with the "performance on your end" (the client).

The client side of SSL is limited to public key operations only (cert verification, encrypted the pre-master secret). These are 40x faster than private key ops, key length being constant. You're talking a difference of 60 microseconds on the client.


They use HAProxy for load balancing which doesn't natively support SSL termination (yet...). There's probably an extra layer in there to handle that (pound/nginx maybe?) which would bump up the latency.


Exactly what does that have to do with the relation between RSA key sizes and hundreds of milliseconds of latency?


It does for three days. :)

http://blog.exceliance.fr/2012/09/04/howto-ssl-native-in-hap...


Good find!

Didn't realize Github were using 2048 bit keys. I would be interested in knowing what the actual performance differences are between key sizes, given RSA is used in the initial negotiation before symmetric SSL takes over.

>so one could say that googleapis and fb use snake oil rather than ssl ...)

Given that Paypal, my bank, Google and Facebook use 1024 keys, I think labelling 1024 bit as "snake oil", might be a stretch. ;)


>Given that Paypal, my bank, Google and Facebook use 1024 keys, I think labelling 1024 bit as "snake oil", might be a stretch. ;) It's no less snake oil just because every con man sells it...


PayPal uses 2048 bit SSL keys


The network graph fails to render at all most of the time I want it. I suspect it's heavily cached, takes a long time to initially compute, and I'm only looking at graphs to see if a seemingly-abandoned project got forked and picked up elsewhere - which means I'm never seeing the cached version.

It also is (or used to be) possible for a particular graph to get into a wedged state; github support can fix that if you report the repo, but it's often not worth the effort for me.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: