Peter,
Peter Djalaliev wrote:
Apache/mod_ssl version 2.2.0 implements RFC2817 in a way that, I
believe, prevents MITM attacks. The RFC itself admits the possibility
for a MITM attack, but only when the server is willing to provide some
resource both through HTTP or through HTTPS to start with
Thanks everyone,
My server is slightly different but it looks like I'll
be able to set this up similarly
--- Frank Hecker <[EMAIL PROTECTED]> wrote:
> Nelson B Bolyard wrote:
> > The client sends the server a list, saying "these
> are
> > the cipher suites that I (client) support." The
> serv
The goal of this topic to get a wide range of opinions about the
current status/problems of SSL/TLS upgrades. I saw an old, very
long discussion about TLS upgrades as specified by the much disliked
RFC2817 :) I have been meaning to post something here to see if
the same arguments and concerns sti
I think this deserves a new topic :)
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Nelson B. Bolyard wrote:
Peter Djalaliev wrote:
Hello,
I am trying to upgrade a normal HTTP connection to SSL in the Apache
mod_nss module.
So, You're the source of all those questions I've been getting! ;-)
I don't know if Rob C. announced it, but there is now a mod_nss for
Apache that ca
5 matches
Mail list logo
