[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
>Has anyone already created the necessary patches for Apache
><http://www.apache.org/>, or does anyone know whether the Apache dev
>team would be amenable to including conditional directives to allow the
>build of a secure version? If anyone is thinking of making the effort
>to create a publicly available secure server, Apache's probably the
>best source base to work with.
I can't speak for Apatche but we have two of the developers in the building
here. From what they have said security patches would be wellcomed with open
arms. If anyone wants to do the same for the CERN server, we can roll it out
through W3C likewise.
The real issue though would be whetehr there was confidence in the security of
the system. Simply bolting SSL in in a cack handed manner would not cut it IMHO.
Basically I would not recommend a release of such a system to the Apatche group
unless a I was happy with the security of the whole system. This may well
involve a number of fixes in the rest of the code.
I'm also very interested if anyone wants to brave S-HTTP, there is a public
domain version in production. Basically the more people want to work on this
type of stuff the better.
The main hassle is in programming the authorization stuff however... don't
underestimate the amount of work involved in doing a good job there.
Phill