Re: SSL for CL-HTTP

• To: "John C. Mallery" <jcma@ai.mit.edu>
• Subject: Re: SSL for CL-HTTP
• From: jim@digitalideas.com
• Date: Wed, 28 Aug 1996 10:38:19 +0000
• Cc: www-cl@ai.mit.edu
• Sender: owner-www-cl@ai.mit.edu

>Did you get a chance to look at http://apachessl.c2.org/
>This is the SSL implementation for Apache.
>

Yup. took a look. Very impressive. I like the fact that you can use the SSL
in conjunction with multihoming, So that you can have a unique ID
certificate for each of the individual virtual domains. I like that.

I got tell you though, I've never used unix, so I can't comment on the
specs, but it sounds like the library is an easy port. The RSA part is damn
frustrating! And any implementation ought to have a layer of abstraction so
that a substitute algorithm can be plugged in if need be, such as PGP or
what ever.

One possible solution right of the top of my head is that if someone can
talk to the folks at RSA about a lisence where the USER pays the licensing
fee on an individual level! This does away with the problem of you guys
having to bear the cost and misery of having to go around it. This is
ridiculous, and I wish someone would do something about it. If I was
competent enough about the subject, I would.

I am glad that you are going to have the WRAPPED method, so that we can use
this stuff with any stream, Email etc..

Anyway, I can't imagin an HTTP server being usefull anymore without SSL. On
the Mac, it would be icing on the cake to have multihoming at the server
level, because Apple is not going to do anything about it in Open
Transport, till  OT 1.5 sometime mid next year.

Oh yeah, while you're at it, add the ability to generate virtual tokens, so
that I can send you some for the coffee machine :)

Jim Kazoun
jim@digitalideas.com

• Prev: Re: SSL for CL-HTTP
• Next: cl-http for mac on PC Week
• Index(es):
  • Main
  • Thread