httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jerenkra...@apache.org
Subject cvs commit: httpd-site/xdocs/info/css-security apache_1.3.11_css_patch.txt apache_specific.html encoding_examples.html index.html
Date Wed, 21 Nov 2001 07:16:36 GMT
jerenkrantz    01/11/20 23:16:36

  Added:       xdocs/dev/dist .htaccess HEADER.html KEYS README.html
               xdocs/dev/private .cvsignore bugdb-todo.txt
               xdocs/dev/private/test works
               xdocs/info aol-http.html apache_books.html apache_nt.html
                        apache_on_linux.html apache_users.html
                        how-to-mirror.html in_the_news.xml
                        in_the_news_1997.html in_the_news_1999.html
                        index.xml jdk-102.html known_bugs.html
                        security_bulletin_1.2.5.html support.cgi
                        supportdb.txt three-config-files.html
               xdocs/info/css-security apache_1.3.11_css_patch.txt
                        apache_specific.html encoding_examples.html
                        index.html
  Log:
  Add the dev and info directories (missed them on my last commit).
  
  I'm going to use cvs import for the docs dir.  =)  I swear.
  
  Revision  Changes    Path
  1.1                  httpd-site/xdocs/dev/dist/.htaccess
  
  Index: .htaccess
  ===================================================================
  IndexIgnore /.htaccess /. /..
  AddIcon /icons/quill.gif .md5 .asc KEYS
  AddDescription "PGP signature" *.asc
  AddDescription "MD5 hash" *.md5
  AddDescription "PGP keyring" KEYS
  AddDescription "PKZIP w/dos cr/lf lines" *.zip
  AddType application/pgp-signature .asc
  
  
  
  1.1                  httpd-site/xdocs/dev/dist/HEADER.html
  
  Index: HEADER.html
  ===================================================================
  <H1 ALIGN="CENTER">UNDER DEVELOPMENT</H1>
  
  <H2>Sources and binaries in this directory are experimental.</H2>
  
  <P>Please do not use them unless you are prepared for the consequences</P>
  
  <P>If you are looking for the most recently released distributions, go to
     <A HREF="http://httpd.apache.org/dist/">http://httpd.apache.org/dist/</A></P>
  
  
  
  1.1                  httpd-site/xdocs/dev/dist/KEYS
  
  Index: KEYS
  ===================================================================
  This file contains the PGP keys of various Apache developers.
  Please don't use them for email unless you have to. Their main
  purpose is code signing.
  
  Apache users: pgp < KEYS
  Apache developers: pgp -kxa <your name> and append it to this file.
  
  
  Type Bits/KeyID    Date       User ID
  pub  1024/2719AF35 1995/05/13 Ben Laurie <ben@algroup.co.uk>
                                Ben Laurie <ben@gonzo.ben.algroup.co.uk>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3ia
  
  mQCNAi+0jQEAAAEEAK7oX0FeNncaHfa1v+V7SMUviAm8qB8orWG0zvja4ZtSrHVg
  /PMwppUh44t5ERA9lltRBdHu30+YSh8a1dYt1XOD83nknzj9rhtpFAPqyywlLVhN
  VY3PVLyMbULw27aEAGc+StFqrDoUQ0+j9QU/YH/IyVN9rBaJyhsIDEUnGa81AAUR
  tB5CZW4gTGF1cmllIDxiZW5AYWxncm91cC5jby51az6JARUDBRAyb2Doc3AsNzyk
  Yh0BARa6CACUBnsP9Vb+T/PvNYKVQBIODz+90tz5GozWwCVfPVSaRd8Dz+oF1sFs
  YCz/KuxqBhL5PkiCuSMfOVlPA5nirjoktMF/af5saZqhPr5rvr67Z1OzZnVDvWe4
  DhFrn8EoLrY5YNJhUwfINnZqyKaQu8TW6p4caLkTCW0KM+4ztTe74xRG9NeE+K0+
  0RMpAF3jEY36LGRjq6miazt2bVZQDTl6CuWE+gAaFlX2ojV7e1xdxVvpBIEc34MP
  g9ORJ0evx1QilMt1VyGcS/pe4IQgjdJqjU/4fzqFZkT2nntQMbV9kQyNe2+qfqP7
  giTryIanmBAfd3oOCTsRz2VKPfdhCqCRiQB1AwUQMRdzEEyr2GZv4ALJAQEuhAL6
  A8I84BR+87uNAHD0ZJkTM73WdyMEGvAKBvrZK/g0VLYj0NtgkSuRJfrXnGkuh27I
  ZrjfL952Q/mXgMtHhJHJ9YfenGFWSEDHnolNzKOzTQJpE01IZ3nWv7ezA9N1LZVC
  iQCVAgUQMROrdRsIDEUnGa81AQEUNgQAlvyjt534RDQd2AYGoZriaFzjaL7dTCRH
  4b1zxuWBNWf3pI4W0iwU02Q5rEWEmY5DLl6/ie+vcQKOWSqXVgnM/s6EARdKEN56
  d6PzkwszgfEybDYrcAxReJcTCcV8ItJer/iqpBLgtaxyUpI77NvKcDGHp6BgYpnv
  1lNkH0FISK+JAJUDBRAwtzlWdGx7qH+PTVkBARFWA/99NTCMihlOZS7LmHDVic/q
  H1K1DVdMcv0iL39+7Pq4+AA/ET8dWIgcjaIreSqAZTpjwU1pMPaWgecDD1rEMCYX
  R+JoofLJ24BLcSlpXJ/gWMifYNxqdDeMRkw/aW/kaXQJWIz+oDYNuOyi5VvB6faF
  6Lm7P5cw1mX0I5rYc3woh7QoQmVuIExhdXJpZSA8YmVuQGdvbnpvLmJlbi5hbGdy
  b3VwLmNvLnVrPokAlQIFEDEXgCUbCAxFJxmvNQEBiL8D/3MLjfHGvuByqP1VFQrF
  QeMNd2aIQuC7ys3lkDvrLkkPJQANua0/MdDaZk6F5pCGcTmmmaJOjcOcCheD7FU5
  w9zxkQGR3Swr3opFHSr/CkEl83jRy3oq1MFydWoGajQjIr/c23X8zr+XntPyO6VX
  q5He4RrTiXeAEFBzz+J+R+EQ
  =zh1u
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type Bits/KeyID    Date       User ID
  pub  1024/A99F75DD 1997/01/24 Rodent of Unusual Size <Ken.Coar@Golux.Com>
                                Rodent of Unusual Size <coar@Apache.Org>
                                Rodent of Unusual Size <Coar@Raleigh.IBM.Com>
                                Rodent of Unusual Size <Coar@DECUS.Org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3a
  
  mQCNAzLpIyUAAAEEAN9KC8CxTeozPYJjsnhFpJ14d4Hhf2M6OTgqPQFRHOswM/3j
  B7IW0s+HwVyQ5/SjIlo+8ur9X7yaj1FS2GQmKD1x9LKeHRAoosBIs33okRtoeDRy
  ufTaTyQTwLklxClWm3JEef4xZioun1mtWbpz0yVEOCSZcRvtnJrNPMCpn3XdAAUR
  tCtSb2RlbnQgb2YgVW51c3VhbCBTaXplIDxLZW4uQ29hckBHb2x1eC5Db20+iQCV
  AwUQNiiZ2JrNPMCpn3XdAQGlgwP+JLlZvNV/fJ2azKIwjibDa4n2LUDxa7ofKboU
  QL+D7FD24zQcmzmkBQm/BL/FSUtxZasJkvdVbU98N3G4h3C4AyErfQOFcrepyGAB
  M88onQ1DbQ6tiUA3gw9gIB+2l1C5R8wBOtlwoRJM4GFvjjtRp+KaQqvN3f+lLMMt
  hKYB70m0KFJvZGVudCBvZiBVbnVzdWFsIFNpemUgPGNvYXJAQXBhY2hlLk9yZz6J
  AJUDBRA2KJmIms08wKmfdd0BAT3yBADEDHAn++77n7bLA/u9QYM2LBQHnXdw5Is8
  YGHpHcNZVDA8CtRTOdub8rhe9qgsid/jEry0hT9Sygfx/ry5ntjmF12ltnxBDPdZ
  uU2DaHaIh/zBUAv0hyaQeAXEYiV9J75GrDkTj5Jrrnd623uyIRoMZPKYb+oqsZ4H
  jIe/w+CDfrQtUm9kZW50IG9mIFVudXN1YWwgU2l6ZSA8Q29hckBSYWxlaWdoLklC
  TS5Db20+iQCVAwUQNiiiaZrNPMCpn3XdAQFnMwP/cX21KHwg6ID7NoGzEKxsfZE/
  dEgRGHFp5T6vznI9fO9WZZ2HmISWjEjri5zAAmXvQG2nWEYFVcF1oWph/ndLgLws
  PfIsZiPXpj1LD7oon5PEXvJlkFfpHDqiG4xOORbbGWBcv1sqkx6djkpfyXLoMD36
  5YazFuKurHpWPwAQRJK0J1JvZGVudCBvZiBVbnVzdWFsIFNpemUgPENvYXJAREVD
  VVMuT3JnPg==
  =kWdi
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub   768/A0BB71C1 1997/06/03 Jim Jagielski <jim@jaguNET.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3
  
  mQBtAzOUkNMAAAEDANZdTUJQPwrFI9526Qf+DEWL8dXgfhWW8o6CzewdcCoHYEpu
  9CiOMD3f9bgo1VozOPceGzCu/9FF2hMLUvVsTAZkzC3rre5TtPo/vOf5HJ+ac9M7
  aqxW+gRu2/90oLtxwQAFEbQfSmltIEphZ2llbHNraSA8amltQGphZ3VORVQuY29t
  PokAdQMFEDOUkNRu2/90oLtxwQEB8iEC/i9Qo55TlT8bRpcqeM3lzNDqzU9cqKRf
  9X8pGJIVE5m2JPm99qPLs8RPeepLChi8ZZ+2hSfb7ldQhvVLgNqQqLpsjGtJjJOU
  C+MrKDeSk2WAicg6Uo0FWCsEHxrssw139A==
  =pwim
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits KeyID      Created    Expires    Algorithm       Use
  sec  1024 0x08C975E5 1999-04-14 ---------- DSS             Sign & Encrypt
  sub  2048 0x4CCDB430 1999-04-14 ---------- Diffie-Hellman
  uid  Jim Jagielski <jim@apache.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGPfreeware 5.5.3i
  
  mQGiBDcUl9QRBADl5tF8kOD0uddlnl9qsaG70/hwujGTsSXATnqoLseTsWORoVXf
  oBklokEAGmT2+Cl8XIXZ31Wh+GaJ3CTbEv8Ok1vapOt+ltPgOKzZEB4uP25EbhC2
  LWf+lUoafcd2Xi0KBV4fqXqEEuDGP1TAdZ6k7NVqgpjvbJ5TdqL0LrWOOwCg/0b4
  +/p/avQr+uZRU2rdmYu/b/0D/2LnjcEqUjsslh2e9m0OgAu+gnYAmQH6Dbnp+iKl
  jffWPChwIMFZd/7FnGOzYDzoqnzTFyA4VE5PHWL61V2lpHJWB21K9D6rbEcx0iYB
  AHHxZQEmxSBU6PmGnbF+2P7vC0Jz9gZ5dCbjtGboYxd00/XQlZwCs8jHueTpSfx9
  n7dYBACFpW+v2pSlG0ReiS6Ult3gaGWiw81D0nFVvCp5BlxgQDymyF1MS6FbCj/g
  FGILosMhlsIHTFaC0DD0LSXyN1rm0ykPvi+vULIlKNJwW7fCi+33j1Azx+zfMNeO
  T5vqAfF6cvsZ6qPb9CcYvU4jEKvkovA1U3jMFehqcGkTV5sfvbQeSmltIEphZ2ll
  bHNraSA8amltQGFwYWNoZS5vcmc+iQBLBBARAgALBQI3FJfUBAsDAgEACgkQizpg
  HwjJdeU/8ACg3mtYerA7QN/8Okp2IgGr+ge4yKgAn09RX5UR8DyZ1/Q8OFasE6T6
  Tg2UuQINBDcUl9UQCAD2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoBp1aj
  FOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnhV5JZ
  zf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI
  /VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjT
  NP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AK
  UJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAICCACEhzcRGEc3y3/4YNaG
  89FmtIRpFU5zoaZxxDrmUiS1HdhqFykv8ozaTyjfImCuhq8i6DG15oGudxPma7Ey
  sCcA/qmQEBVrXFK2DYTFW3UnPyqiE822plo0d45u1csKzPvGpHYVGC4HOEKCghRy
  /54nH0fsKV3VSlIXAhRG3LIstzAtslrSYELW1Lov53GK+YZpRDJTbLAxjIYB8kEY
  hiQYzHm/cbBeRpjG9BpoBQh54dNOj22CU8HC4KvZSnDcLAzmDyrQFXFfffvJtQ7+
  HH2iIWKMFOjpRHh2ZK6uhJb03Yo/v+admKs1HSEFdV5VJUCkqymhKT0OiWnXmNHq
  QUfliQBGBBgRAgAGBQI3FJfVAAoJEIs6YB8IyXXlME4AniogMeV3YLNf6C1Y2+k8
  F3rt0S/OAKDHF+wfxLDzCxsoQbwesIUAKgb7Hg==
  =mrXV
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub  2048/DD919C31 1996/12/24 sameer@c2.net
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3ia
  
  mQENAzK/QZIAAAEIALrsEjuGlt6wkHy8fx2wPSkH7paAqJHDCbO1W/GMVs41BsH1
  xpyBi9lOtUXHsDC8Obx/TES4/xVPSsFKPQLa9Q/OsxjXmEPBvQ5PZdOXJ5zmRMI1
  1cfUp2s8w6i+IS68IWRKdPMshGWFGar1YUPM1UpVME7U+uGD3wgdC4DrVJHzS5Eh
  gEDyQ9FPb+8CpsRO3AvUPzsZGG8Iy/9GiLzmaJG34zZ5fv5X7sr89xiWJ21ehk+X
  ePO9kvq+nzfOCCK6a3GZD4g3KJX/Pm3oKeaXeL8WSCCPzpNbtRJk3ofeN7Zm1K0L
  yChPiyui+OO063/WASv52bxUIlmzbX82a92RnDEABRG0DXNhbWVlckBjMi5uZXSJ
  ARUDBRAyv0GTbX82a92RnDEBAfqVB/9GSzADIVqY0faFOLN6+E3qqg3hPRLBvjgC
  5cvTlwT7W64zI+aiSZuN+xAXq+3lnKtmzn45F3hD7gBxRPJbSKsObn2zU4UcqW/o
  qoiYEnO9EhoBomwPUbVy8C00CWvDLfeF4L5r+2oXgilTsCojSaWJX0QoPCwRQao1
  YwZ6CqAA78vdbBNkmA0WrPsVqwd3ijgFapcX671AqiT+pDbvK646I6uGPXJzN3ZU
  vFuDim9D2uNk9CfvPhKGscr4qqP40TnNn5fjSsmrFyFxYsdwo7I4TFpnsEPOw226
  GU+TR7zdwnByP72AxPEBJ/F22LwNyreuph+fRpWCnCf+9gVW9Heh
  =jS5Z
  -----END PGP PUBLIC KEY BLOCK-----
  
   ===========================
  Rob Hartill <robh@imdb.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.2
  
  mQCNAzG6VfMAAAEEAOvtvphFG/D02vGLENBl5OVPgEJgP9E1xhUgKTZnJstv30kD
  h1IqeIBkEAy5bpKapCbvvxukyQErhB0efTi2v5yTAlz5pVjgWM5Sa8CyTXJmXPHH
  EuOfy1DqaiQSmZ6KWX0ygw3gKDZMiNMf06UURLLYtRlGKSYY3WVj2u2UCmS9AAUR
  tB5Sb2JlcnQgSGFydGlsbCA8cm9iaEBpbWRiLmNvbT6JAJUDBRAx5eIAZWPa7ZQK
  ZL0BAU2XBACXfopMzC8kW3KEqq+N9W9fkGNgy//8XqQ77FmfPQPbO4X7Zn3cyO46
  MxvPP+92zSyN3dyj/xWZYoRLwll+ync9d4KUFwKw45DALAvz1CKHMOpQPD7dIWdE
  9poJQrcbKeOqLcGZTu/hY90gWBUZ++9umR8X8lyh/WEgcUolfgYHew==
  =upYh
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub  1024/631B5749 1996/06/21 Randy Terbush <randy@zyzzyva.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3
  
  mQCNAzHLBS8AAAEEANGFXb9o0NPVfVjSLvQh1j3fN6cMeVNA5BGUJ6HZGP/NDxTE
  i8hwejJqakkU4ux/g6Kqckrx3h8WR7OXZZ+R8CsA0bg9Sr42ndEQCUISgArg+lXZ
  gRUniARPPA7tamTSq8v1mnxqy9s26Ht2rAG2D6IiK/7v0JlezKirDeBjG1dJAAUR
  tCFSYW5keSBUZXJidXNoIDxyYW5keUB6eXp6eXZhLmNvbT6JAJUDBRAxywUwqKsN
  4GMbV0kBAegnA/sH63WyfwMFmn3nWe8T/5IXO/QkMYoMGLS1i7IxMY9O8BVvKQM+
  oxEcJdFAG7zPZkpgKzTBxmExz5hMZ9hwJ42XhrslWoP7JVvADJcdthrUAYW9W+jx
  GcDYAW3qW5DpKsQchfvXq9QOBDxP+Kbbe2B8xGEyGUhLkacISFTrIhhQSg==
  =8P8s
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub  1024/49A563D9 1997/02/24 Mark Cox <mark@awe.com>
                                Mark Cox <mcox@c2.net>
                                Mark Cox <mark@ukweb.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3ia
  
  mQCNAzMRY/IAAAEEAOloTOU0f4w7FDRMM6kA/6XazXxJ/HH8dsmb6E7RuYfVlXsd
  kCwxUBOkyW+AYhkHbYUwnB5qBoFUyLrbLGuwKHW1KnAwgbeZLTH5nqQLpA0RLGVZ
  v3tzImKUdyyxBphZWC4IeEgUbl9cc+piOsEJ8QzF7gnqwWo/Ku6tTP1JpWPZAAUR
  tBdNYXJrIENveCA8bWFya0Bhd2UuY29tPokAlQMFEDQvYTHurUz9SaVj2QEB/hMD
  /ix6pAa+4ZgFQNRAc7fC+I4uGWvXoI8N8wtgiJi//8Kc1vjtvTylLPKVBDsy1ihs
  bVOjD3NUEkH95TNI3QhVeCwJPl2e3GgFl253hj8Jai9snHj75pXjQXq0NxQ/JRSr
  EAqrFM7+yRLPs7zDwsMoc2Ox5emq4joVa3syZUEwW7LxtBZNYXJrIENveCA8bWNv
  eEBjMi5uZXQ+iQCVAwUQNHKlBO6tTP1JpWPZAQEA8QP9HSjVMLohfOVO0tHcLRDB
  eDfnRnBxgTeF7P2u8qB+eOeLqBzHNmE/gROWuZXOpkxeCqT0GG3oXqmSEmVOtDsJ
  K92sKvtTdJOAGq95UQI3t1Ix6iNHkVJfo11RkJyU2iL6XFR1953nS33xKGdbU6v7
  5KVCu3JTe1kDEDOyMVDdRmW0GU1hcmsgQ294IDxtYXJrQHVrd2ViLmNvbT6JAJUD
  BRAzEWPy7q1M/UmlY9kBAfN5A/43SdANs/NZ6ouyxAvKEWSPDnNkHI3rSPynbn7o
  kSrtFeCQ3Vwe0B0fkszBEAZ9zbnx/s/1LKnriUfyzhdZhJfkZfxgDwy6s6smagYW
  smz/LFaeDzG3Ej20VSe6ghseqcPscJL06PUg13LJC4LFlgYcCDEeGl81Nm37fe0x
  IUhlNA==
  =k8vP
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub  1024/2F90A69D 1997/02/24 Paul Sutton <paul@ukweb.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3ia
  
  mQCNAzMRsB0AAAEEAKj2XYYEGcZhT69x4gskQ3xz+KMTLn7gKSqqcyyeinJ0ZjLl
  6AJjb1/68nGsF+IIY+IJS+5smq8do1qpC3UZcmw423Sg8F71GeqDO4HZXOAOieVy
  rpVs6S5TaXlJOcrC7zZCx+iql97+xJFjUGkkS7j/jIkx1AajzMNkSr0vkKadAAUR
  tBxQYXVsIFN1dHRvbiA8cGF1bEB1a3dlYi5jb20+iQCVAwUQMxGwHcNkSr0vkKad
  AQGrigP9F43zbiOigYel+JCMiB0HK/UdqSrf3xWxHIKWKNhQNjhnyeF+jKQwFld6
  7KQYsqZIpHsWLWmSk0AmKQOUIw+DxclDxBL2dT4p+CjgTgIAcbvPpahWkBAw/E+c
  EGTiYbe+Y3sHJhhP+d0TOLmsETG9tpi7gFZ6FfNcWPxFMdxGrf4=
  =0jQW
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type bits/keyID    Date       User ID
  pub  1024/BA20321D 1997/06/05 Chuck Murcko <chuck@topsail.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.2
  
  mQCNAzOW7moAAAEEAMYZlNOxWCjLR/PosadbG+xsrB2unid2LiYoakTFiDIBaZjx
  bu6hNmVZPYfKOXQcqrCu0EY3uVLP/L89bST5pfIZOzz8GTm33zrETgfzpXYyFdbX
  eZ5vc6aa3+7zmI7h/aU567P9ruB2C/RBLl1A59wmPRRVvjEIAkI4bAO6IDIdAAUR
  tCBDaHVjayBNdXJja28gPGNodWNrQHRvcHNhaWwub3JnPg==
  =vUdL
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub  1024/26BB437D 1997/04/28 Ralf S. Engelschall <rse@engelschall.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3ia
  
  mQCNAzNko/QAAAEEANZ2kpN/oMkz4tqzxvKPZws/XwsD0Y+E5/y7P2DIw4uHS/4N
  syQbgkdrZhPBlXDv68DQioHXWsb904qyr7iZB1LC5ItK9MgqlK+Z2mvPqsGbHM8J
  +oYib8kf2zJ6HvrYrP7NYB0tN9YYum2ICtx+hIi6aKGXdB1ATA5erwYmu0N9AAUR
  tClSYWxmIFMuIEVuZ2Vsc2NoYWxsIDxyc2VAZW5nZWxzY2hhbGwuY29tPokAlQMF
  EDNko/QOXq8GJrtDfQEBKVoD/2K/+4pcwhxok+FkuLwC5Pnuh/1oeOYHiKYwx0Z3
  p09RLvDtNldr6VD+aL9JltxdPTARzZ8M50UqoF9jMr25GifheFYhilww41OVZA3e
  cLXlLgda1+t0vWs3Eg/i2b0arQQDaIq7PeRdjdEDgwnG4xBaqaAqfgxwOXJ+LPWF
  hiXZ
  =K7lL
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type bits/keyID    Date       User ID
  pub  1024/45B91DF1 1996/03/02 Doug MacEachern <dougm@osf.org>      
                                                              
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.2
  
  mQCNAzE4lesAAAEEAKJYS1vL2iB3owwiZdCxp3JyvSNaC7h1p2jQXcJvY10gqyZm
  VffDwFoSvJM1JdCx3o1mb3JpZ2OTV4SrDDkzcSpTXelgyh7k9O3HB7oG6pHTML9g
  Dq9ZKydShMIvIJos7KuLWoM/eeeejtkv7r/gWsGHAyKbT8fs3r7nlmxFuR3xAAUX
  tB9Eb3VnIE1hY0VhY2hlcm4gPGRvdWdtQG9zZi5vcmc+
  =yaR9
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID    Date       User ID
  pub  1023/163751F5 1997/08/18 Dean Gaudet <dgaudet@arctic.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3a
  
  mQCNAzP30QgAAAED/1k8hPKsJj8Il/TfhP1JIRGwnXuzfQ/etv+MZJMzeNeKa8OX
  Kw0d4e1S/KdJ+AZwWQp3ZMDoX2ghZ79X4DDDLEAc/Fmy0Gg8t89CP+xJk7b4EHjk
  F7HX69BRJp3On4aRTXRND3WviqEmn5ppzbBkTenF9WWudLRbqrc4NnoWN1H1AAUR
  tCBEZWFuIEdhdWRldCA8ZGdhdWRldEBhcmN0aWMub3JnPokAlQMFEDP30Qm3ODZ6
  FjdR9QEB9VQD/0+zumFj1zzYZ1+bS9Az36gijDUb8rlEVf/lBShx4VEvha8fsRRy
  vkwnmJyupYvGtrSIYAwB0VK+GZPZa7XfZvUCM83AZY9vGpE0LwW2Vcz9kWZdJ0t+
  B7zJElmBUrmj9aW6ICmSNbOBwVo1Y7hg6lPSFFMOOECFpT1WuTXXYpNA
  =KWcF
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type bits      keyID      Date       User ID
  RSA  1024      0xEE65E321 1998/10/22 Martin Kraemer <martin@apache.org>
  sig            0xEE65E321             Martin Kraemer <martin@apache.org>
  sig            0xBB1D9F6D             ct magazine CERTIFICATE <pgpCA@ct.heise.de>
  sig            0xE2449019             Martin Kraemer <Martin.Kraemer@Fujitsu-Siemens.com>
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGP 6.5.1i
  
  mQCNAzYvawcAAAEEAO/lLOQVYsUS+l7yan+Rzr0ehfWRqlgeNsV4DQ0xTuQewD9K
  5lm7ujRwutxlNaf5dXjE24mlsiRN8KDp+fKwm7Wtqv490xmhzS/6y8ekwB02P4fi
  /JJNX1PbLS0cL6+bz2dFqLDhh03Ovz3G16Y9he5mrJ2PNOWa9Dfj9F/uZeMhAAUR
  tCJNYXJ0aW4gS3JhZW1lciA8bWFydGluQGFwYWNoZS5vcmc+iQCVAwUQNi9rZzfj
  9F/uZeMhAQFw1AQA6u3j6jYvBwKImnds4X1ZkyKukxBAkhKpcGeibevZ4H6TVr8m
  KDWx49LM/Gd5b0SBYitaDQR8r67aQyC9MnKcNS7H3MviqcQKZlP4RISb4/ys8p55
  w59QeAONCVNQKd45fmnRNt28mb5NwlWNeOhWti/qFmAidjD6OW8Xl7+x0jyJAJUD
  BRA2RwBtRLjd1rsdn20BAVScA/4+sprdgUqn1dOsA2Y5F7HiQ7I2kzVp1LzMzptN
  wfIiQfhaK0FvadFuo5065LBuHrnlpJK2W4jFjroJVqV4v7oTswISpD9SXPMxWZ1s
  zJZJjAOWRXeBCSDe8TpuAWVaUsuvYeeSWVjchIQKENaHzHt9EovL7xkEZbz1lc4a
  SEhv2YkAlQMFEDYva54rAsNF4kSQGQEBt4YEAIozUUKZALnzf8gfLDusOW+exkp4
  q91tssZKeYk1Y7J/hWCQLw4IqbA+dYs44grjj8mxPZiieKHav7TgUGpijpKwyAGo
  4EmoqS0e+3FsPdV9RSSRXyRniK255xZPHTOPU5rRCIKK/wce92yZAHSaPTuZZDPU
  JqZc9LAdif6358k4
  =Canj
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type Bits/KeyID    Date       User ID
  pub  1024/EC140B81 1997/04/10 Dirk-Willem van Gulik <dirkx@webweaving.org>
                                Dirk-Willem van Gulik <Dirk.vanGulik@jrc.it>
                                Dirk-Willem van Gulik <dirkx@webweaving.nl>
                                Dirk-Willem van Gulik <dirkx@dds.nl>
                                Dirk-Willem van Gulik <dirkx@bigfoot.com>
                                Dirk-Willem van Gulik <dirkx@technologist.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3i
  
  mQCNAzNNOsMAAAEEAJmwazRhNJB4mQkvp0rrxLkeOAxR9fGBXgJNa6HHdLv7YHwx
  mwMorHYDCAMypO1yuznNTaMVT1z3cS+yqhOkTVxwNI1mxW6Zts1kOJB9pWuU33sk
  sUuCkLHXMgyvP9cms6gcYgB5g3UP6M/aQ4T017+Gk/7crlH87DGmPZbsFAuBAAUR
  tCxEaXJrLVdpbGxlbSB2YW4gR3VsaWsgPGRpcmt4QHdlYndlYXZpbmcub3JnPokA
  lQMFEDRZ5+0xpj2W7BQLgQEB/KAD/1xniFNLHp+jxIVrEL6HcI06QZUYPvRuarWq
  3aI2gdeXej59Ry96MOo2MU3MsuQ+wW+6gEJAuyCp2jyYfzF/8winNcFWc738s/hX
  fRYCJe4bvtMcnhBV7GAlTgyw00fcrnaJaQ811+QwKnZvXXWb+QuoXC4ddTon25w4
  XHLjtDZHtCxEaXJrLVdpbGxlbSB2YW4gR3VsaWsgPERpcmsudmFuR3VsaWtAanJj
  Lml0PokAlQMFEDNNOsMxpj2W7BQLgQEBzW8EAItAEaeuIzPIVlKOk1LnHlYc4FyW
  aiNJC2+rRmftYu2bIp/JFuXu3xC0U0byyHu0p+Y1pcAnt2YrqmYUfM0d2cx1b4+L
  8RQR4SGKhq9jWKS3icfKoyMnGiD2CeI8/Xx8V6b8Xg0QqsdlS0kz//qGCDWMz0vi
  oxzasVEvFjqAse03tCtEaXJrLVdpbGxlbSB2YW4gR3VsaWsgPGRpcmt4QHdlYndl
  YXZpbmcubmw+iQCVAwUQNFnn1DGmPZbsFAuBAQE0vAP/aOb/rXsE256tpi0+CRp6
  cd9b1oBmw894UK+Cf4DeNHWehPWJog4y0eNFUcAMdLIdubDzc6Kfxw5QyJt2EAXr
  05XuJ2DJdG24S/aPzGq+6VzL7Nq7pylXuhrACTgeesaceEpUd/NeOCOyzNR7i8qM
  zbGFtU7fH1ipfJjN6fXLo5K0JERpcmstV2lsbGVtIHZhbiBHdWxpayA8ZGlya3hA
  ZGRzLm5sPokAlQMFEDRZ58Expj2W7BQLgQEBGRwD/jdUjCJXFcAbjx3Y2pWUkR7C
  hwJTohM2TvhFp80Ffbhh1xT961XGuHL5l41fRAIg9FEHjQKNVfXeisLH68Qh73cF
  5xuNE6c1x1VSqfDLl9fXZ6TA35qt0G599T67jmVai4F/LjHWDI1O6UvPRuZE3O7m
  eRaCfbPLAJ1ztFujtS3btClEaXJrLVdpbGxlbSB2YW4gR3VsaWsgPGRpcmt4QGJp
  Z2Zvb3QuY29tPokAlQMFEDRZ56Qxpj2W7BQLgQEBvOED/1LhhPP5OkeCCEMVnmyZ
  jZexzv6XOH2I5qH0iuozsI987sSK+zfv8O0wEBwjUOQqBuzlvjKImYQ/oqR89egQ
  AinPc4z1b3kgeGyqrmtea6ScmpKufcWUBbhH0qsXF41eU3ArKY4kB9znV+/PacCe
  VrOD8roFaxIDZ2nW9FS0mriOtC5EaXJrLVdpbGxlbSB2YW4gR3VsaWsgPGRpcmt4
  QHRlY2hub2xvZ2lzdC5jb20+iQCVAwUQNFnnjTGmPZbsFAuBAQEaHwP/Q2Rs6MIu
  z8all/xildFOPfRAX73InwBeInr1O4UU4l6yWRvuLkg+m6O8eJSHo21SNZBCu9gM
  FoQsd0jVOitUr8+w2WkypBlJo5wl1nCw/1sLU4AxtBb0jyADvJzxFCeje/FkxEvs
  6Y3eLxpJRBylbg6KFOsmSY46DyGc49B6cZo=
  =xUw/
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits KeyID      Created    Expires    Algorithm       Use
  sec+ 1024 0xF08E012A 1998-02-19 ---------- DSS             Sign & Encrypt
  sub  2048 0xD8F8125A 1998-02-19 ---------- Diffie-Hellman
  uid  Dean Gaudet <dgaudet@arctic.org>
  uid  Dean Gaudet <dgaudet-djg20@arctic.org>
  uid  Dean Gaudet <dgaudet@apache.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGPfreeware 5.0i for non-commercial use
  
  mQGiBDTsCJkRBADJmDUiJL0xUaxg0yw7+VqqFUL6sjWxZeZ7kQZs4dyN3R1ilBUG
  KmOXE6qSfb6Pi0qEmgCz1K7g1KaglMRrpANY4h1CjziEVmTH5s3ocxe77w2uaou1
  gHJERIqQuC4/z0DwFqq61ZVf5dUQTD8OmfOwG4pFs51Si9WS03ueVEFQFwCg/9Z2
  j6UzCLyUABpWeV1v4m0w82kEAK96GyKDcT20TymKJnMKuwya+ZwqrULH3Sdi2Mwi
  1GOH7aomG2fK4D2yxWx5xTiYhmYNnRoopgu/Kv5a4x43tOKS3zeADMnHIw9dMSn9
  4Kba8vfKbZnlOgt9veV+iWZv7N2aS2z7w/i53Y6LAlV1hAIMvGJ3zLfmShZs0LDI
  Ya18A/wNcdJazUk9mLGIoycCYOk5YhWL9sCaCBdmdfDPu++rLnqROSWkmfYkOTt+
  pG9SPnvv3XrX/SEwM8gYfpbZwrFDJFI9W63lc9hdSosFD+8xiRl6h2gKRwWvc1Ry
  xIt3+gUrZxovNxBOv98BoSf/j3lkldU+ZjDGlCplRHSndxlN/bQgRGVhbiBHYXVk
  ZXQgPGRnYXVkZXRAYXJjdGljLm9yZz6JAEsEEBECAAsFAjTsCJkECwMBAgAKCRB9
  bb/R8I4BKqqzAKDc/4H9iOXJxVE0yCEHeTQ2gAHfhgCg7VSq7eNhiJhBgblQav/R
  XOhaHj20JkRlYW4gR2F1ZGV0IDxkZ2F1ZGV0LWRqZzIwQGFyY3RpYy5vcmc+iQBL
  BBARAgALBQI07AjSBAsDAQIACgkQfW2/0fCOASoWOACfb+8OVvy6FCqN2MxdCqp6
  gffNbYgAoOxlTa4NjCUUO9dfLFFYpDfGrRy7tCBEZWFuIEdhdWRldCA8ZGdhdWRl
  dEBhcGFjaGUub3JnPokASwQQEQIACwUCNOwI/gQLAwECAAoJEH1tv9HwjgEqiC8A
  oJDu1HTuGOfChFSJJ31XvV8tnlo5AKCFceck4veIMP8pDC0f5UBGGC3mZLkCDQQ0
  7AiZEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AH
  xstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8
  dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0
  neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6Md
  GGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1m
  pF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAhb3cBmR67H4+9Rj4FeTwJ8kflX6I
  pp2AeXXZiffiPVBv5cGzGn2RkGPAZqbp2AkrCb4TrJH//1GPdR8VmPeEGsm6u0uT
  0M404l/4IW1FFQ4JBpTENPn4NYBHkKBNkPcls/ip0lSjlmLGVQVOtDOaFD7n44xV
  hT4WpptCripg/5kymDmK9c8hv6rPUvNoVrDdWR4//MCvNAZvGq2bZGdFTyd5Tn6D
  AmwbvL/UwgiDnm95qBBfCZtmGkkFaoOePtBevWFaviFZM2pErPRcjY8A/1cZsycj
  JPMFYqBKGDIk76ulDSjU0Q8dqhCEDf0o2oQEg6msjDtetVFEDw9yJe0AGIkAPwMF
  GDTsCJl9bb/R8I4BKhECBKgAoNRtRaRMdYNwajSO7056eKazCGSDAKDShamaRjAe
  ThQ1KefmJKyzfcosZQ==
  =25Cv
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type Bits/KeyID    Date       User ID
  pub   999/F88341D9 1994/11/08 Lars Eilebrecht <sfx@unix-ag.org>
                                Lars Eilebrecht <Lars.Eilebrecht@unix-ag.org>
                                Lars `SFX' Eilebrecht <SFX@unix-ag.uni-siegen.de>
                                Lars `SFX' Eilebrecht <SFX@appl2.hrz.uni-siegen.de>
                                Lars `SFX' Eilebrecht <SFX@appl1.hrz.uni-siegen.de>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.3a
  
  mQCKAi6+wOsAAAED53PJgrIYS7iHbZn0ycrnzS03fwvwsDpoAVouoqqBSVNoVXH+
  lL+8HzX/fADvNyk1lYi5kTiYR2meKB1p0qpvj4bQ8ZEmcBemhV0FbESJ4CxIgy6V
  euxOD3v9gauyf1u4lkfyLIsCepuJqpkH+aOviE9VhTcE/D6Pt/L4g0HZAAURtCFM
  YXJzIEVpbGVicmVjaHQgPHNmeEB1bml4LWFnLm9yZz6JAJUDBRA2KRwZms08wKmf
  dd0BASoSA/9ZwyAWilXJNMWsV0KfyUeHZ7CsFA9/KQixLtpSH8ij4raLasr6rurc
  Sckrd+OiQKPQG0/TSXSAEP7suatV6XTTLEFHJbmqchTZXMSapwxFWGLxdG+buCiO
  uVxbpop4ZoKz2xb+GtdeyeDr+//gFL+wbEqlZMXfvwgzBCxcOM/tZYkAkgMFEDPN
  Dtg+j7fy+INB2QEBxpcD527wocmN2jHxCkmImID+YMVF8g1Rij3CEy+oLAZiiNWS
  Rxj2lWTHhsVZXtzF53+AD79rJqrFhZUCx+W6vG46uLMuu3/VpnEfq2QsD0d6zIUv
  SDFIxsy/s4knyvgfMeXczHmb7vjGbGsyP9mqjAyN7MUcqgBBANH4HX9CSRN8tC1M
  YXJzIEVpbGVicmVjaHQgPExhcnMuRWlsZWJyZWNodEB1bml4LWFnLm9yZz6JAJID
  BRAzzQwFPo+38viDQdkBAa31A+dPvsRw1zWvyMDp2aQwqIawIi2wiFl56lYfpkwW
  WjsdftuK0HHe+gek0aJ1vLwJFlrivroEukF1JaK3kS/ob2u/TNIZ4MKWjfhbkJW4
  0Y7gCKCUJPzh6hDw1nYfc4N9XKnwubiRVdW2ig1HVoKZUN9Ad034m30jMHEzqXbO
  4LQxTGFycyBgU0ZYJyBFaWxlYnJlY2h0IDxTRlhAdW5peC1hZy51bmktc2llZ2Vu
  LmRlPokAdQMFEDMR9XVLXCU0Hmjw3QEBftADALeK5boLfjNzxZ7g1VPHw6k6QwSU
  ESwiPJCmGTIT5f941YhHqohgwN5kGR9XDxWCCJAqQfFvbxhiZv0zu4HvQ7FYLVLO
  2zwZrVvOfR259jvGDFpPqRBq1ccxTNXuvf2a44kAlQIFEDD5Hn++gkWXZmzJrQEB
  WVYD/R4XFxImsJxzpaykt8Hl4kpQNWYWHd5ae81QFla/vfIplBqeVWr299pUbO1x
  Bt4EFPi5aya8CGwXs8uRsHKn3u711jfTri1mKpiMBWt149BsUk5lFCnE9gVo5UxY
  cpM2vb1I5DKeo/8/DuYz1FQhXwOxGqBqIr+ggQ1fN7Q0v5qziQEVAwUQMSxVdPCJ
  hGMAVxgRAQFafAf+OZxiZqpgeA3iMZzbOr17v4YjL/J4N3phrcy8ssh0rmTBbNHW
  OfRR0yzGlAXespCSLzBnSQMph2MXc3Al51LK4z487iAQxpu5k/ZKrg5ahZI7X5ok
  viTcRjmXkpbbXp+sMs6J3ZOOjxO1tWytSXW5/3lKwbjzaURlbUbBA9QQSGAYPnsw
  Z+CPKRNuUsk2EI3y4DWVjuabOcCeNy4TLfB9UIY81oXfXOyT+i2FwZ0f1befeZuu
  PICGQIxlEFi3Hd3hDEAgNJ8Hu9C6XACnYieT7dVYtlYH14UTk6/CLKkbWNhd/I5S
  QMPbijKK2zU5U3vPcolA1UalSBckftDQ2iTmmYkAlQMFEDD5QYseKXCPGoSZUQEB
  yFYD/jqPx2u8D1aQzKHvZqS9PUYSsPMTgn10FR/tp2c9Ch60f+BQ96fOUCzmRt94
  Iq1iMZsJ0oTyLLf6wf/Mdb1LhvsGf7rXFATh25OUpPx1qPUWstSToHSn0+Zf8e1B
  0p6PJ96duI6rimoc8NKppOwSmRvqAD3ATCKpMiOSwWe9+mBZiQBVAwUQMPl9Sgk0
  Yuy5gjk9AQEX2AIAlCphj4JI/yvodYIlpC2MPOs+hfTvaMPVhSCZZ0EVfZgTZpLQ
  XQDiUolYBvTHJnjBZyXZozln/df4MBHQgKWwmIkAVQIFEDD5RPk+NMzsOfhZGwEB
  5EoCAINMQWZZn+12r2nFScCScf5TaKpm+Y6MfEsvVg0trveEJ74ibbFDo8ABZ2g6
  FgzfDxAMbxNsUQaMrhh0TaSC9EyJAJUCBRAw+O6OHdm2eHD917EBAfj1A/4/cYEE
  a7jN8+ptmxZKsfZ0xOP2dxsPnicDT4VR16MHN6rkVrto782XSiRx3ZUsd9RjUmfH
  ZA3mHoJIGo6JRFVOeyjg3LEASSSfZr4YFkhutnf0lDlJOeEKhqvIw/dSO7MDwdLx
  hOqAFv9UzAlpOm4GLx9p1N61xDl1dIYEnY9cOIkAlQIFEDD5QnyFat0badac6QEB
  CCMEAKV60AedWZyXWokcwWIbW/PLgNTCh8JL1vijXGnBvT2PuA0L7/rCXPhbb20A
  rrq+P6xbGFxi42iWieeU2T5zN5IlPObT6cPeRWJkxPnaSf8ZD33Y1almcuhhYMUc
  7lkL7yqSo1J8TRVCSxjQ4W0+QDUFIEvrigb5Scd7zYHGOqoSiQBVAgUQMPjN2pva
  UYPwhBsRAQGNhQH/Z6IlBI4hdGb8teelMgY2kf3Iq08NByyygJAI48HqTe0cKIW6
  BPcBkJqMooJtRJTX6Rkt8fRKe/IPGeHGqyW3eIkA7gMFEDDhUR6K3WTWEs11KQEB
  TnkGwQEgJMk8SHR+2iBmOJQ2x+kv4LVmPp8hdaKCBdfvJDmrSpuEgrBWFI9PDpSw
  F7NWLPqESPnWo5dd8YeynzYz3aCiIXAOUB0rG8tujF1dSn/kFUCMqgqvbPOU3sSv
  6tVlECIAh67GTNHn61IIhLM0KG4v9elo0Lk/SpWwRRPJZW/ltQBApjtR+juFOiq6
  86+eE9kKBCImCIthBeE/cf6JfwuS4+1ui+MmkkqrnO8+07bdjbkWTSzTL3l12v/t
  M2p8Fwqps41y+3nIEOzq7Isf4zBjfw2ZKeXbEXq0M0xhcnMgYFNGWCcgRWlsZWJy
  ZWNodCA8U0ZYQGFwcGwyLmhyei51bmktc2llZ2VuLmRlPokAlQIFEDD5Hv6+gkWX
  ZmzJrQEBD9QD/iIIvOUqyKRBWjHgJD7zoskxDQH/YVhJu59zoCEOJGwXFPLlT3ce
  meMCaVLa5XvoDnLYWZ/bfI5nFd9vF9GwwbmP8/x39Z3N2xKfJpD8eH5inu5AwtIs
  kfXjmcZhSfDgv2XpAaFigz3wIBt+XbkPRxJJxfqD5oJ1ys0qNe0U6jjyiQEVAwUQ
  MSxVrvCJhGMAVxgRAQHLVgf/cW6FlzmOeIvJ/3yB7vhSOlpivnY00iKnzzCpWLOa
  saC4NPazhqNIewBa01KSuamIicYkzXk8MeaTq5EaQfJyA+NtdWSm/3/ivKWoO4Ka
  qJbVPnxaDnB2KBH+2mq0BJ4rS4i2jVZuopbtMAHV+lQUHaVH826YaFPa+425A/H+
  Oaqn2EdkL80fpIJsACsudYPDGCKS3zcMjspVK1cXqNRDzIOZ8I/XtyNEJpw1yRGf
  t4jrn4lj9jU4y0v6sFOt6jpuvAmyRN/pebwjYJw1Ye697MMkn0nEafH55Et+XfdB
  OYNm3Sb/J2g8j2JVVhN6JKuFYyM1kvK13Rky3SiLPUzD94kAlQIFEDD5QqqFat0b
  adac6QEB6HsD/RooPR6pFnSisCerTlPhSvDI2gl2HUMFw0CZJ5JKVlj5GFDZp5jl
  0yhgCFCweFuE7RUgMOkvGeEoEPZeyipacsrVIcO26aCQyerLTQd6JTgOuCEeEvkj
  BwiqOrVNSEPM5TWPzQc7Q7IDtKTsCT+xNGtO6Pi2+ArZaodZTtp4tXkCiQBVAgUQ
  MPjOC5vaUYPwhBsRAQHdVAH/eIgCk6fo3/Mvxu7IESdDLM/ozh14yvZz6FvC/VKt
  Sp51goqsV5jI9wKANIjonLeO7GJubjO+lqHvsEVsGQ+wpIkA7gMFEDDhUjOK3WTW
  Es11KQEBgTUGwQGH8Ic7zNaUlRmYm5J8R375iP8CrJ/xILbET69VsR2aDG2MA2z8
  NBBkV1ARrAC2YWa9sO91yCyf3NAI6I1oqtbv/09Im/s0bTu66dWrqRAiuTB3Ou+g
  HJ0fc85gTWcBd9/xS/mNlZb1/ZXjkBaYdl0Bzm72c3+HqZjHzT3nlxVY5HCi15J4
  iDgCuCPzeo1r8QgGmsbP7fD+0Hka7tlXb87WxPZt+nkjGS9xmLrNHw5/vJpcN4+f
  zevzhTQD8IcsUr0QcZUH9jZpm6xWpibPF5z7FzXTorguf+W0M0xhcnMgYFNGWCcg
  RWlsZWJyZWNodCA8U0ZYQGFwcGwxLmhyei51bmktc2llZ2VuLmRlPokAlQIFEDD5
  Htq+gkWXZmzJrQEBjswD/1Nwm7yoV6sj7qTiKaW9S3DQD3LKXtweiDdYF0lp961I
  WkuyBur4aYBNROQK82zFQqKNKfsm+FXu+N6AYQ2zEUJEUkT9RQgmsrfU1q067Zoo
  +dck5T2zuH+/kqmF9t28Gv4jjxVTit6C92NEhciutNO48kK32BT2mgX2w7tds6G4
  iQEVAwUQMSxVvPCJhGMAVxgRAQFUKgf/Y4Djeo18+ZAfr0BKl14P29dKK3p8OLcn
  qXh6juBfTRiWnFJtrQfGH9w3pQvpi2RRuDZTTQzhO4eOq2g5gy9MytU1htLRVpVw
  BnmmjLRWz0WGqr4y4ZULbg3ha5NsfBppdgHKk5Y+BptvIL/37ZBkztkiBXfs0Zbc
  3fZR4bSU1xDOE+HS0BofOxubqfZrCZvAjMCC5NJ4R13H8xnYg6NKQCAqOfeCOVWk
  Gnc/BK7VArMXjC8o/9nQDzY2fRPINPnCb4f/4PunwOrEza6zLxXfgNraQJ19boPb
  /o9DBlvNOWkq9gSmVnTEkqrEMtiXd31KAU/LVCRH/70mx7XZkF5/N4kAVQMFEDD5
  fY4JNGLsuYI5PQEBW0kB/0s9AqawHqJ/0rO9jsMhk3vuHNgwVF4DoKTL5EDIORET
  ccAf4UZVJo+JzmjYxc1f2RkwkMkk/N9afKZmcNSYzteJAFUCBRAw+UUZPjTM7Dn4
  WRsBAah7AgCIWR/HNt+V20bDueCO9mhwGirq5E7TJU+C9xT+3BeZXmyy/AR7tWJd
  KnC6laGDLnMko3CWr/XRKD+rC050nNsriQCVAgUQMPju3R3Ztnhw/dexAQF0awP/
  cXwIBaEAj4D/ShzMna3NQ/EM4aTniAHdVIH4d6Uh2RwDCoYt6HwEP11xfBwI6bDW
  lQhdUgDzGOXmOxKxv/Xti4viHOwO1KqjRtHOyDf4hI/ou2p0bntXMZ5yVv0WakyW
  7kYd7KxTbYd/CTKe8HB+8wkj8h1pb31JJoXzWsgmwXiJAJUCBRAw+ULYhWrdG2nW
  nOkBAQUwA/9AUqFQsXW9kMi5RooITiQbRynunPh2aqadVnuLZoAhxp16c+EQYpc4
  Qi6jLPBVemHdS4PW8vJegF1pJtDZ4VfLNwwkIxj7Y0hU8A4BcHUIfFdOER7SwbW/
  i7QTU8u3vNHfmgIodv19D7rFxEzqqPxMHRpIs8/IOG9L3zc3kV8rnYkAVQIFEDD4
  ziyb2lGD8IQbEQEBg6kCANj9mr20gcYRZ4eDfnuTSkSvtjvKox0EtM+UnAAgihxU
  q5vNCZDEeohZSZBR/p2pktcSu+cdk5bBFHtzkaNTt82JAFUCBRAv0u2cmTVOo2j9
  /00BAdubAgCcmQl3gvdeQuA2zSmqHNrCEXdmjIIltOWc8WFCPJjDt6c2cBdmuwoO
  YknWWGDMKXvTlh6lPgIVx3fhlhobxxFKiQCVAgUQL9M+R0axifvg3qptAQF7tAP7
  B78y93gaojDMC8NwfiNKh7l5cBh0ONA+W1g3O7YLE5W7Z/fOg4H3pOujnqU7H3Ns
  ChmDxtBKQIIiZXpnNg4Nt3F765t8EPrMmjjQJ4a6+8CHfmXmfNSWqPMdjgJW4ykM
  nUasGhgF1Z8flNNkfH5gfW9Gr8UcClgKqa5xvkhC5cyJAFUDBRAv0zvKQwZ3Rx/t
  AzsBAVs0Af91cEjH3oZPIaydSZxPUjF1SE3p93NnY6A3mKZR1vkewG6sRqVa4MO4
  lw8w8AU7ge2rvwupF3weF1Z9DG2bauGmiQCVAgUQL9M4SuXLhgyrRKDJAQH/vQQA
  jGM370MwcIfmtQ9e/0j0nztQwQ18dXMA+dMyNHiGrc+JC71u5zjxwmO7R1Vv7ZSA
  af9PslF/118wS6fFg9BP+LO5T4D44wMJTfiMMv30Q4Sfxn9DX9N3iYzL1PTHmlCO
  fCQQqvC451XbcXECqmqWHEqII8//4w/h9yrl/5F/uXmJAFUCBRAv0lcf/ZhK+bLW
  8KUBAc/rAf9rmJ56O40QVD803+bU1zSiSE1x+FURt+ceAsozqo9taFoRIGXTa8Mp
  swStyALnJKpyDkGEnTfRdARVQtcEzYJniQBVAgUQL9JDvxEZCRz6lM9/AQG2xwH+
  IQAJZEvldNHzeikez18Txy12EnJ9k+za2rjPVnlX7+teIY3VNO1homUgwqjoOHpZ
  kdGgdOdmufOglT3Rqrk5FYkAlQIFEC/Rt+1JSaYsE52Q4QEBzUYEAMonc3UFNjGo
  n8F/omc0PPA3rfH2IS6G31FN6fRarW1Pwk7CWlx3wgHm6gO9xfV5lDjBJ+lVmbmL
  z/1MZhg646eFRbugtBYbOXwE6zmNrKBhchVueVONzwWPIA8BZtR2Lw6CikAOhKgl
  4ndg8PO8UUg8gh0VUKGTPDK0MKR7ZCpGiQBVAgUQL9IXPnmMGAx7t12JAQGpIAH/
  Zrl16ULw3/gl7T11EbnbA9T3LjXuD4TG3IGeEV3z1wbRp227yN12a3PbavEKJj1m
  fWrZaT89Xt1smYBaIwX4aokAlQIFEC8YGepIX6svI9kr4wEBnO0D/1R4HlUM43CU
  jxdinzcijOJxRNe7ieXpp7xNn9SuJotDVeCLDRFSpmF2EFb0KDyoX2bY18xPT9sW
  tIMYv4XigSBwfuR+Sp+J1CLdP+zzmIZbZBc+3G5xM6nipvaKl1DkhSlLqedW4dmg
  1rKgCOXYKHdzHUcaneNE4rkoWlVwG5rhiQCVAgUQLs1+vx4pcI8ahJlRAQHwXAP8
  CKLDWFLJ7Fc3JZ0MnuPxW79M9nRQwL2TI/Vd4lCUSiDOUdEvjU45MLmLgU+4OZNP
  eXaBSLkN4z8PUkxGEEvSeCFE7u04VNq1GJ2aC+fHVFzuWbp0LsezqDSnm6xvBxz4
  0yEaZnkXu3+66kXZV/E4BNIkCaB5V2qXxrBIg0D10iCJAJQCBRAux7auD0cvWzTX
  TcEBATNVA/jU+bTUqnlZdrf6KgCv+hDOs6VO538cExQNsBl7x82Djbp8Q5t21YEV
  8LiFN1imuLYqHXqDEHt7qtroNaBYXgnR24QjI3urel+kYMibZWxGrq382C2apRea
  EDmQ1qtEzP+kXexaawAzKMo8VKWMnXjQYBLZohuUqfciE9A7OQF1iQBFAgUQLr7F
  rZXTi1FmcalVAQFOLQF/WCuTfcsEc7z1WK5BMQltCgnNvuz0himNP2FxPl4g5rq3
  u8i03dqPbuVwfrxSzy+m
  =tg0D
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type Bits/KeyID    Date       User ID
  pub  1024/28AA55C5 2000/03/02 Daniel Lopez Ridruejo <ridruejo@apache.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.2
  
  mQCNAzi+5mgAAAEEAKRyfbHaGoNuWwHVSa/5mRbWdhDTkR26z3Uwq4KdCZ2Wp+b0
  VF4Tfh6d4IoK2jXKBUlUfq+v7FYzSzYdPCmwB9L9cHlaU/ItfcWD2G7rIHyO/lGn
  VXK/BGUPoOhT2yeO8tf6oe81hmN5VzqqhG/SWEkwlJASRX3ApyanqCooqlXFAAUR
  tCtEYW5pZWwgTG9wZXogUmlkcnVlam8gPHJpZHJ1ZWpvQGFwYWNoZS5vcmc+iQCV
  AwUQOMAjHyanqCooqlXFAQF9swQAnVrUersSbO/SrT+nnwgRPL/xRMjGCQe93gUe
  JPcOOYU2be1tFGynJl842SIDPTHcJVg1hHReO93K4jvQKsbmT5zrzIlQ7hVB2u48
  WNcgsIKWIxcGaMp4+qsDOhN7Fh7vIEZdRRYhL7YcGKZ2WnXOZnGsKSD8VZenycwQ
  cAA4xkA=
  =3hIM
  -----END PGP PUBLIC KEY BLOCK-----  
  
  Type Bits KeyID      Created    Expires    Algorithm       Use
  sec+ 2048 0xC808A7BF 2000-03-09 ---------- RSA             Sign & Encrypt
  uid  rbb@apache.org
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGPfreeware 5.0i for non-commercial use
  
  mQENAzjHNiMAAAEIAK+iTnKRHymuUYmRRe6JlH3oN4GfpakM6CITpS0aM/piJBX8
  MNgcCUK2tz8MSCqAlfF+2r0hGRMSQ+UpXqLXcJaCkGIvXtlKmxCcCX6R+LDCnzoa
  QvOar3+rKFFJyiauyV7VPucZZhFKesReG6o53uoOAd0jyzcV9TdpAIn4Xl8W617T
  L98GdODY9jK0zfgGo2bSgPpo2YswlDCGbYzRX6bfEGmAbP4t4UnP1ikVCE3NTIyz
  gT4kywMb5AT1Tm3FbwTx7rXc/nL20t22VTJMjyCxqPrOTs91PxdXyTAQUKY82x+U
  ZgW39f6aKrJHDEJtxOyym+B5NpYgeP5QQsgIp78ABRG0DnJiYkBhcGFjaGUub3Jn
  iQEVAwUQOMc2I3j+UELICKe/AQE4yAgAkNXkalNn8Xi+v3BFCmHLlB7PKlItzlS2
  PnMcTJPgzO8w+PyXc5lzS3dnqLEBoCwRazEZh8ncVbeBJz1LjQU67gvCBqyFl+3n
  r+Z8k6cJYw1AzSK9FLAgOEtG8IdE+jsPq39xORpu6Dhsuln++G1xaK6fePeAEgR3
  qH7gog/SFCa9QXQd85wsGRlQlmMwe/HDyoRd/iHg3X7mr4yB+zYkxYKDD+TKlSqq
  V23n0H4n3oTI10PfaB8LDYVuPiQvIRn08XKUv0Att1KPH6iJTIJ/KRbZyGb2J+1r
  RO1nBGw+qaOAw4wUQXOpJyXVUeanIt1tSe8Gczlf/uxJZdCNSpgeqIkAPwMFEDjH
  OY/9b4jGIdCnGxECdl8AnAvSwMQ2v2ryh2NLL4FgfVLCjb40AJoDu0jaEqUinZnp
  oMBmjFgtsDYp+w==
  =5ByY
  -----END PGP PUBLIC KEY BLOCK-----
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: 2.6.2
  
  mQCNAzjJAagAAAEEAKkko/H+E4+c7OXgiNfBCwlU/PrxPovDS3/JCKuILnflbNtC
  Lxbqvf7LccZ4LoiHOKd3+G4V8BgaTndqADx4crEsS0BpNrJdshPmXajzkdQeo6jN
  nts6QJ8/mlL4Q+s2/8dnleCrgDkzP4DpAIRGK9OARE/TKmUFUonO2YYGoUwFAAUR
  tA5yYmJAYXBhY2hlLm9yZw==
  =dGNO
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type Bits KeyID      Created    Expires    Algorithm       Use
  sec+ 1024 0x00ADEBF5 2000-01-25 ---------- RSA             Sign & Encrypt 
  uid  Marc Slemko <marcs@znep.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGPfreeware 5.0i for non-commercial use
  
  mQCNAziM6n8AAAEEAODTLW2h2homp9NCjlsNdQQQACaUgrEm0sO0Lr1BVSp35fFQ
  a6XtrIxQXwcvBqM0py1ea2zcmYqnv6vY+7i6sBnxiNNugH3ShBnOYeCaO6AzQNaN
  2OvLkB7+1AoDmbU4a/+APtLrhzYzUj4DmwSmr7wTwdO06PsdM1Qv/g4Arev1AAUR
  tBxNYXJjIFNsZW1rbyA8bWFyY3NAem5lcC5jb20+iQCVAwUQOIzqf1Qv/g4Arev1
  AQFTZgP/Q+/pcNsCncKr4x39f/N5zXine0zQaKY46ek+PCUrhDm5N8cFTyijE7V0
  huRDVENAFkwtznz/H7BN0vtMRlvUQJOPFa2UaN8zIbcMIzSbiNEx5nvfFeT/Gr52
  GtnrQ+BvczfaauJ0Zw4p5uq6na/+0iyEf17d4qrhIBftlO3Ti+M=
  =+laC
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type bits      keyID      Date       User ID
  RSA  1024      0x62C48B29 1996/01/22 *** DEFAULT SIGNING KEY ***
                                       Ask Bjoern Hansen <ask@netcetera.dk>
                                       Ask Bjoern Hansen <ask@plys.net>
                                       Ask Bjoern Hansen <ask@perl.org>
                                       Ask Bjoern Hansen <ask@apache.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGP 6.5.1
  
  mQCNAjEC6XcAAAEEALdrW5rH+2XOKX2zAPQmgomvHGADJedG4Dxf3Ci3HpGmKazV
  Uoo/f7Vf21ldvBBYC2CMpJU5uiMstNdrJ8Rx0KDBH2pLXsfE4XvVm8cGLbHcJycj
  cZsYl4yppOufL/76kmpP7q0Jni/pXrkYg2mLG3lCN3JoZqX9tvkoKP1ixIspAAUR
  tCRBc2sgQmpvZXJuIEhhbnNlbiA8YXNrQG5ldGNldGVyYS5kaz6JAJUDBRA1eczx
  +Sgo/WLEiykBAZIjA/4+uCJi5WD0p3EFzOnmkZRxf8egjQlFdBDVR7sixVToZCze
  oZZ9EVianFbwv8XU0McA7FLSUala0FIxRtmOs8/yN96rhBqJnYfLxu3b/ZRpBf4Z
  UExXQbussUX7AsPUmFim9Xp8mTy7xDEpcfiBnGY9Dtx+nmSvyLO38W5VvKP1qYkA
  PwMFEDV7CdYJPTjw/8ByixECHSsAoKUySg0ht56Rjsct6ViXjWfVEF1xAKCldK5x
  LXMjefgsiuW3n5seRVogQokARgQQEQIABgUCNgEYdgAKCRBoqAGJariS5S72AJ9N
  JsXpts88tCq7uZiirWlL54vTUwCg4A2urEUCEPuSz5deMyMX4lpjN5GJAJUDBRA5
  Ix6ndTAZgHu8twkBAZDHA/0fiaJSxGAxIdgYQY1KqYJGWg/E7Gwn87kZyiRHKUaJ
  gP4IA4PVnh0rMtTTo+CWyzcqMPjRAZNDW4ECWymrqqNrYgqy/NrcN4h7LZC5wmnW
  hXF3HdgAgxIn7m2YQOLluNqIrhVKga5G9/xytZLsF15qZbvjyX4mqToOsRqAtUBI
  ALQgQXNrIEJqb2VybiBIYW5zZW4gPGFza0BwbHlzLm5ldD6JAJUDBRAz6gMS+Sgo
  /WLEiykBAd9fA/9YdBn26x/7DE0by/Zzelfxu8o4AgZOV0AuWqZJebXKjeFmkJ0B
  lZRaC+NUcvpXOcANP6berJknvAMjNfTD1wi89XUVlbisDSW3UMR7Op8EpYjqLTo5
  u+KmyS+ehhQjA3somcJc8fBdnGJZ17cKWEbzJK+oJBvnzpjtgtvw6/oH/okAlQMF
  EDV5zQX5KCj9YsSLKQEBbk0EAJ+CwSbR4QQ2pgyXV7U4P4+1xSXa8U6IuI7AX9Fm
  LNlDu7a8DnJt8trZxjBcEMZcfoSNmbjIzMotzl0vvtDpqYgKfJ5Dd3eUTRCDYYS7
  8DoYcuB0cunBoGijkHS/2IkucAZGgcnNjPdhm7EnDJ/4F5VR9ZByqXiAIhZ746bs
  Z+nrtCBBc2sgQmpvZXJuIEhhbnNlbiA8YXNrQHBlcmwub3JnPokAlQMFEDkjD+v5
  KCj9YsSLKQEBEK0EAJBYAopnB9/dun1G0t+TKWVwGQUi56sWd5bwLypHklf/fy2V
  QPjCz9QoI0L/jAguBrqCfwtlIHRHMwzvvNWLRtuA8oiTDl4w2gO2vjy7V3Y4qneA
  3U5CYRT/ekvK42d+aHA6yMeHSPlNEQg09Idmee5Lub7kV8ejjtRZ8s3jcZ0utCJB
  c2sgQmpvZXJuIEhhbnNlbiA8YXNrQGFwYWNoZS5vcmc+iQCVAwUQOSMQB/koKP1i
  xIspAQGtCwP9FFWCZN2540lomDAY6tXt7Q3AhP/CkAec5i/lsv21sUl09jlZQnr/
  Kc8hL1lPOuAlLFGqso3zL7KMVlrOIng+R/E5fcYpE60QhhIoHdvlxFKTJ5GZq7DG
  stCrR34q2A4OWtoC7tF0Uu+Ew2ontVgvqsrgq4qt0h3yh/kABp/8mRw=
  =GGxP
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type bits      keyID      Date       User ID
  RSA  2048      0x10FDE075 2000/10/09 *** DEFAULT SIGNING KEY ***
                                       William A. Rowe, Jr. <wrowe@rowe-clan.net>
                                       wrowe@apache.org
                                       wrowe@lnd.com
                                       wrowe@covalent.net
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGP 6.5.8
  
  mQENAznhOVsAAAEIAKuVs0grRRD6sNsgkr78WHvgpxf7ExaKI/bWEtS7eiFwJ+JE
  qP/ceM/zpot1wzUyNAVC+wiOJaj8CXyFrrmsjRM6zO5hRE/Hkf4me4ZviDP2lJTH
  suoTIcmSRdY6q3dIFQJVWPeDU2JhjAE313R/U6G/uJ9yVK86YPEC/b5Wr1XIDwDR
  GE9X58tZgMTDftYM/1wxeQNNF9kyFQky/45H/iXOirj52RI+gchkZfgRbfTSbF8r
  zSvs+JTHJBiSv4SpcPMq/ZTsxju6BIxb+PVaRVthIGcgRrgSgjPyTQYuPzcw0Zi3
  W3zfhlXCYngtumV9AM1uv5teiKlP9xOoeRD94HUABRG0KldpbGxpYW0gQS4gUm93
  ZSwgSnIuIDx3cm93ZUByb3dlLWNsYW4ubmV0PokBFQMFEDnhOVv3E6h5EP3gdQEB
  jLMH+QF/daZ3aqh2/EtFuIOMNUQw+sF4mxgp7HQvhvwgfbOzT3uczqgtLlVd/a4r
  cPd6LxD4j7HdNXCJaOn3ANgaZkqUyNOMyS5Z3Fiyjq8o1t4lFcFo6Vk5Y24G78On
  Z19Dvw/KayiYFcVVoEJX9WssFmq6VwKJyx68pg2tMfDKiCOG2tZ+LWZnsQd60ceB
  p3MyKKAHMQQu3B2mo0xm603JeobTxBydxrJ7b9LXYAcqcm7CdJ3ELutUQr7oQu/b
  cDhnphdlEjqZqWDQ6I06lxU9MSxdO1hpM0bShzmXZwKXClDP3w0+2DG/Udy2Qj/6
  F7RUNmUkBfiC5HQEb8seFF18pja0EHdyb3dlQGFwYWNoZS5vcmeJARUDBRA54Twh
  9xOoeRD94HUBAR68CACL2MB+LvmGljFOSeJXp+jnHsW117bORlnicyjbi8ySIRA5
  xIa/z8isBgVY6tQ9EHA9M8f0DNxIiWtb2UBgSoo6ez/VC9rpp1TcQn/9BjXXPNpP
  cASn+uC50giwhR4aKwmAY5tLPWU605/oAd012F9HoZXVIouHmGuxTYaL/FW85Quf
  2+FcZ7jZX7w550I/031SDEAiC+PGIgUL+Px5kkHl2CGVyS0yz9m+ixTrIXjjLNy+
  Tm1/bkxIkaWeQhO44Gfd/1FOhaRcONGOxNdl+EWNg3/ZkacJKzWIke4TtRa+ovip
  yMjeTNotxPjJVa7C8LXgnktqDh8pbCJpBDs7xUZxtA13cm93ZUBsbmQuY29tiQEV
  AwUQOeE8RPcTqHkQ/eB1AQHjrgf/dtXuLwcUz3unBUeRJwScX03q1UpLVRlap/9N
  D1WI5WdtRCBdgBv/KNM5yD1wcVHBgv60Yv6xfm57J3+D9azw/MDBKXeltTDgUM1c
  0N9w2OWuAwWpLSsCtOrxGbiW0wkyx+9U11YK+EsK40xSxlJzBwdcZzOuty2y/35y
  y6TmNUbO/XU1LLkm5AoGJwOHV8B5c04VhkqcHNHRMMG3TTs3oLP70ldHtn5OhyQd
  rZ3zmLJsrzx05S6HGonKv/yOFpdwsdqLq7hduNTf5zU1zFNdnpvRtXE7tuNbYqXZ
  V180pYUIaKismO9qkaWINR3gNfBpiIxNm3ilhOBr+yKpTVNZaLQSd3Jvd2VAY292
  YWxlbnQubmV0iQEVAwUQOeE+rPcTqHkQ/eB1AQFpfgf/T23qlkH//oxtKHZPeZyo
  bAy4jury203tMp+2uvcUJ3WrAOZ4ci17nIB0WwQSNpHd0YMEx37jrpqrx1cgfUQW
  5bf9zPY2go9mCvqBEXkxeaG/uLBoifxdAlxT5jBI7CycI5rGmu3nq9ZfdtmxM9Xz
  JzOJX8Y0b+nM4BMtG1B5P0fAHryS4wSEHZNbEX/twp8aE4bK9+9sWQxJESfcgAVQ
  mYNNTI9ibexdCcWLlu0kCjmOs1CG/jAjxPMgkYQ3IXhVuwKE+agRQOv2LCUgC+tB
  dH7qif8zXKR4td/wEgwcxzCJCril5zmVZhhsRMPC2Hf3f9bAMGTUM568+aKglxGg
  RQ==
  =0+H3
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type bits      keyID      Date       User ID
  RSA  2048      0xB96CD0C7 2001/01/04 *** DEFAULT SIGNING KEY ***
                                       Bill Stoddard <bill@wstoddard.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGP 6.5.8
  
  mQENAzpT47cAAAEIALLL4JXm/9vHTouYSWrdDvAvNNxa6UwOZ1Sp6urCgGtuRLz3
  ysFFY4hlfIhSUvMdBuLMY5X73Tzg0+LpzCBuvRHasSUWO/5UMlTdS4LnI6oIS+7T
  Nc//iwPQaH+P3CU2QScftyI0kS6kxr49Ejf4UZrJwMXsgvk+oDzRIdx1X8F4A5oW
  oAUl2njrqVodbO9nPifBPlooHg84Cm3r1xgMK8OPPSEiVnmypmwTXE0fMsxAmW/6
  AqPf6x54tKmAyFY6UWM1bX/XhjVlwUu0Ax7ndBTKgw2ZCZA3TY3GQTPNbiK7eOpr
  PUYN69EIKwtyFZHDSalkVpaZB44/nZygsbls0McABRG0IkJpbGwgU3RvZGRhcmQg
  PGJpbGxAd3N0b2RkYXJkLmNvbT6JARUDBRA6U+O3nZygsbls0McBAazZCACW0+ss
  3zAcpJNVI8rBZGwRSCEHW+NVRCQvrT4WiXQmb0fcTMJD8WD7kkMrYxaDuRzx4Iqr
  nwdTqzc0MieM8j0lqa7zaoncxYFh/iLeeZKvK1988UIrVmFDslRQpnzeSXLjUWnF
  1JYsS9+sYt8NBJGSIGXALji8QwcjpjRagzNjyO9YEs3TkGqdNslTQo1LJ2ZNIH6T
  aIWoTdnoU9WUUldsSQEbYB6JNNP67eiFTRZZnKradoQ0PVBXtYZAw1zOp5y/xPH+
  72vhKLk7+Tt3zaV/SmoB52ssE7AXazdQtHfH3N5XXtZJvjIIf/Y/Svw+OaJ2nD3n
  Jn3b7QtvWvkY2geD
  =0D9G
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type bits      keyID      Date       User ID
  RSA  2048      0x423FF2F1 2001/03/16 *** DEFAULT SIGNING KEY ***
                                       Paul J. Reder <rederpj@raleigh.ibm.com>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGP 6.5.8
  
  mQENAzqyerAAAAEIAMPeottLIzgSNklzro66gEnshbRLeb8MRwlivgOMxl5MgDpx
  sH44MPaYKaB1owFQdVSSA+k8ARrxSbki46mQvK53+t1yUeVtaPu85GBta4Q2paXJ
  +2/JVB83Qt8ZdkR7bA3Rxet+Poye4wqZcNQW271FS+sUkTvhAF6nb+5nWFNyKkTe
  ApG9eudukksFd4Uh6ekMjpOX0HPUXoyzf7CmwSERZIny+qwK0dkKkr6qKvZZOEXu
  wjnFgQoqcj242usLpGUfrGZCDQsOheGmaWH+RxrmccOqqqfmjo/EoHNjmEvfRSDP
  Mviq9p574VRsKdt3smkyo63DcaguX/FV7EI/8vEABRG0J1BhdWwgSi4gUmVkZXIg
  PHJlZGVycGpAcmFsZWlnaC5pYm0uY29tPokBFQMFEDqyerBf8VXsQj/y8QEBX5AH
  /iGMf93L2+1NP2MHZzuggQrcRcf7fkOdVRfx0GcMUFuet4G/0Qg/NKy24J2xMVLI
  E03//bn99c47BmGWlSrsuKM3nHXDtLHfmX9ajWB2x5TGLsQqCubfvGyxviFKyUKr
  tVLrvOmfiOGZkbRjD1r1mjNKWONKgUcjgFmSqsZPnZsclNjOMnqENVwOtSS14r0K
  YMquMP/sk7xDNZlRVUPEVn2TlLSBJp0NiAzwzbafbszX6xHLRJzE23hCGjl0ZnX+
  zkBusLpUGkuRkK6phJO6pg0E41D5QRnts3pHaDQ4EI6jEnWwlIsavrHh0mAw6ocf
  oO+6PlKrPkqjgRSHYewLqnU=
  =WB/Q
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  Type bits      keyID      Date       User ID
  DSS  1024      0xB0D5F771 2001/07/24 *** DEFAULT SIGNING KEY ***
                                       Cliff Woolley <jwoolley@virginia.edu>
  
            Key fingerprint =  3D E0 24 AF DA 7A 4B 15
                               CB 6C 14 41 0F 81 AA 8A
                               B0 D5 F7 71
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: PGP 6.5.8
  
  mQGiBDteBSwRBADAFBGWcqz40R9Ne7jX6zyk1XMqVsab4LNZMzd67n9J/Qni34Wq
  5ZMHKUUqMYgIgKjUB4J7J56XVoPEujGBxG7kb5HOi4Vt8C8jg3FF551yM2WgamVT
  cvEKwHeltYeIyYdq4DLCBt5GENA+/amakMS8LiHWPSz9+/RLzOUJABLuuQCg/y5p
  WzAw0lIO0OoFz2U1RLQ+RZkEAL33hMq4C9yfGsEKkSp7od8koJ7Uw6SvZEbRLaiv
  pxjDCeqM0Kd4CNyVgprdnnYmMxtsQQ8B1Hu9NE4///h1Gk1LWZnXw1/aTbZZKL21
  JPqkxdjRnqAztOuFo5pO0+EGG6Tg9euTjr4rZ9VhAYaO53Yhv+uDDaVB14HXtMMl
  bw+1BACNRHYjHxJPrRTF4u8lwgEsUC15hPUQZyqCOtYrWcu/FcfEluduA9E/7OTj
  +DblPWViPLb3+9ojjwA9A3MRFA80nJTMbloSdNsTvMq+UFmk2MkKS7qsAMjLRC9P
  nbHA5tzzHuVscDZDLp7otIKaAGAqrxLXPc0DMM0JB6WG0A5N2bQlQ2xpZmYgV29v
  bGxleSA8andvb2xsZXlAdmlyZ2luaWEuZWR1PokATgQQEQIADgUCO14FLAQLAwEC
  AhkBAAoJEA+Bqoqw1fdxNb4AoNLFL4QgmbCEZhyVk1PwtC4oqmujAKCjymGdDhbi
  SruZ7t/Qo0bvGpDa3A==
  =4uWN
  -----END PGP PUBLIC KEY BLOCK-----
  
  Type Bits/KeyID     Date       User ID
  pub  1024D/6D791A41 2001-10-26 Greg Ames <gregames@apache.org>
  
  -----BEGIN PGP PUBLIC KEY BLOCK-----
  Version: GnuPG v1.0.4 (GNU/Linux)
  Comment: For info see http://www.gnupg.org
  
  mQGiBDvZp3cRBACm75cSDrKQCCGZIv8QL/AvcNMidSpnuZn1Huvxq28bgl1eh3br
  2JHBb8CYh1ijUNk9EQeB/fl6go8NiuWeLLVZkJGnqQRZSVGe+ukpZFLPFGb3mgGS
  lBmO/88gQ3gld5Cfumy7VRmMA3EtLCQlI25h74RcPIw5Gzil7pSj9N4JywCgsLDR
  olk/+Y4kTdHW1PTt0YbBETED+waq/aICopOLAtEC8W/G2uexi/m+FPXWwM80Mkxh
  K+2tjZX9oxzQQ+/GDeFId3q5NbSndscAFMq57ZI9/daenkdGLQqG8gaO0Hto24dG
  YNft/w92i5beYG0CPJoIFspCY46GeYaV0HoKaRkLVfcxXqN9UKvKmH18HhO6GO27
  idRMA/4l24wu/Qbp20PvEKTEAsPWQSfUjtbMECUdpmzC3/ZG6SWO1cICV/b+QlSC
  p5agjTesvno7GJC5IVs09RAkW6NmX4wVLY1LROPIzCriJKoKfgEeJcEqXPZu8q2R
  S3U2UPe0PEzzHjdWZlwps+iSr1qafaxRfZsnUXMU8X5KsV6GFbQfR3JlZyBBbWVz
  IDxncmVnYW1lc0BhcGFjaGUub3JnPohdBBMRAgAdBQI72ad3BQkSzAMABQsHCgME
  AxUDAgMWAgECF4AACgkQYF4WWm15GkGFuwCfaWyKPP8/CtIqgZkIBxUB4QqYwiMA
  niSB7MFpia1iTSSLg7e9dum5wrasuQENBDvZp4UQBACBHtkysTqPXCHqzsr75CSL
  7SbdmLQQamlMxw0crksTfDZyPIr6AVfZcojd+EHO/6bHU270FxuIwfR5n2NejIIx
  oZzjkTJ/TAa2r5qFy1XoUMnodF4qSNPq/JTajIaHXTSgNtPfuw098h3ommZ8XGSh
  OMEovonFFjNNXYCHeY5EBwAECwP+OJdDyBkt9r4Zr/5mbhsQJ78TlKhDpDy094zW
  /pHgULSEsVKbGbRGcDLYnTZ8Hjs7pCuyGy7uaCuWArRrnAzP40LNHEao7svl1VmR
  wZFsisZ10D5kRB8MRVh7ckdOqxq/lSC8AfMBaTmN81Z2ljMWQ7SEvdCGq5OU2wn7
  O59wAOmITAQYEQIADAUCO9mnhQUJEswDAAAKCRBgXhZabXkaQSHkAKCUveQ2Ews0
  yTd8V9Co3kVUq0E02QCfccreS0fXB9D57p8qPvXRWvJGiRs=
  =SVx5
  -----END PGP PUBLIC KEY BLOCK-----
  
  
  
  1.1                  httpd-site/xdocs/dev/dist/README.html
  
  Index: README.html
  ===================================================================
  
  <H3>
  Please use  the latest <A HREF="http://httpd.apache.org/">released version</A> to avoid disappointment.
  </H3>
  
  
  
  
  1.1                  httpd-site/xdocs/dev/private/.cvsignore
  
  Index: .cvsignore
  ===================================================================
  bugdb.cgi
  
  
  
  1.1                  httpd-site/xdocs/dev/private/bugdb-todo.txt
  
  Index: bugdb-todo.txt
  ===================================================================
  1) Allow editing of priority in edit-pr interface
  
  2) Sort bugs in viewing interface by priority, state, or category.
  
  
  
  
  1.1                  httpd-site/xdocs/dev/private/test/works
  
  Index: works
  ===================================================================
  it works!
  
  
  
  1.1                  httpd-site/xdocs/info/aol-http.html
  
  Index: aol-http.html
  ===================================================================
  <HTML><HEAD>
  <TITLE>AOL Rewrites the HTTP Specs</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG
   SRC="../images/apache_sub.gif"
   ALT="[APACHE DOCUMENTATION]"
  >
  </DIV>
  
  <H1 ALIGN="CENTER">AOL Rewrites the HTTP Specs</H1>
  <EM>Note: As of 25/12/96 AOL has reversed their decision and the problem appears to be resolved.</EM><P>
  
  <ADDRESS>Written by <A HREF="../contributors/#terbush">Randy
  Terbush</A>, <A HREF="mailto:ed@organic.com">Ed Korthof</A>, and <A
  HREF="../contributors/#behlendorf">Brian Behlendorf</A></ADDRESS>
  
  <HR>
  
  <P><EM>Shortcut to: <A HREF="#bigdeal">What's the Big Deal?</A></EM>
  
  <P>After battling with AOL's decision to dictate their interpretation
  of the <A
  HREF="ftp://ietf.org/internet-drafts/draft-ietf-http-v11-spec-07.txt">HTTP/1.1
  spec</A>, we have these findings to share with the public.
  
  <P>This past Sunday (15/12/1996), AOL appeared to have "upgraded" their proxy
  software.  As the upgrade progressed, it became apparent that the new AOL
  proxy software refused to communicate with webservers sending HTTP/1.1
  response headers, and answered their customer's request with the
  following message:
  
  <PRE>
    &lt;H1&gt;UNSUPPORTED WEB VERSION&lt;/H1&gt;
  
    &lt;H2&gt;The Web address you requested is not available in a version supported
    by AOL.  This is an issue with the Web site, and not with AOL. The owner
    of this site is using an unsupported HTTP language. If you receive this
    message frequently, you may want to set your web graphics preferences to
    COMPRESSED at Keyword: PREFERENCES&lt;/H2&gt;
  </PRE>
  
  <P>As near as we can tell, the proxy address is hardcoded into the AOL
  browsers, and at first this changed seemed to only affect Win95
  versions of the AOL browser. However, after a couple days of work, AOL
  seems to have progressed further with their upgrade and the results
  now seem to affect every platform and version of the AOL browsers.
  Netscape and MSIE used over AOL connections appear to work fine,
  probably since they are not configured (by default) to use the AOL
  proxy servers.
  
  <P>Since many Apache group members provide services to clients whose
  content must be servable to AOL users, several of us had to take some
  action with our Apache 1.2 servers and implement a <A
  HREF="../docs/mod/mod_browser.html">BrowserMatch</A> change that is at
  this time handling the AOL requests by sending an HTTP/1.0 response
  header. AOL appeared yesterday to still be holding in cache the failure
  message above for failed attempts made since the Sunday deployment of the
  proxy upgrade. It appears that this morning most of these messages
  have expired on previously failed connections.
  
  <P>We can confirm that the problem is the HTTP/1.1 response header and
  nothing else. Other Apache 1.2 servers that we are running, which don't
  care if AOL ever sees them, are still responding with HTTP/1.1 responses
  and are unreachable from AOL browsers.  One of these is the <A
  HREF="http://www.apache.org">Apache web site itself.</A>
  
  <P>AOL's response has been as follows:
  <PRE>
  &gt; ---------------- Begin Forwarded Message ----------------
  &gt; This message comes from sites that do not issue explicit HTTP/1.0
  &gt; responses to HTTP/1.0 requests.  In the past we've had problems with
  &gt; sites returning HTTP/0.9 responses and only the "compressed" side was
  &gt; able to filter them out (issuing "cannot retreive..." messages.  Now
  &gt; those sites can be caught on both compressed and uncompressed sides of
  &gt; the house.
  &gt;
  &gt; However, a new problem was emerging on the horizon.  New HTTP/1.1 web
  &gt; servers are starting to generate HTTP/1.1 responses to HTTP/1.0 requests
  &gt; when they should be generating only HTTP/1.0 responses.  We wanted to
  &gt; stem the tide of those faults proliferating and becoming a de facto
  &gt; standard by blocking them now.  Hopefully the authors of those web
  &gt; servers will change their software to only generate HTTP/1.1 responses
  &gt; when an HTTP/1.1 request is submitted.
  &gt; ----------------- End Forwarded Message -----------------
  </PRE>
  
  <P>This is completely incorrect: the HTTP spec states that
     minor-version-number revisions are backwards compatible, that giving a
     1.1 response to a 1.0 client is completely acceptable, since the changes
     made are additive in nature. Section 3.1 of the <A
     HREF="ftp://ietf.org/internet-drafts/draft-ietf-http-v11-spec-07.txt">HTTP
     specification</A> states:
  
  <BLOCKQUOTE> The &lt;minor&gt; number is incremented when the changes
  made to the protocol add features which do not change the general message
  parsing algorithm, but which may add to the message semantics and imply
  additional capabilities of the sender. The &lt;major&gt; number is
  incremented when the format of a message within the protocol is changed.
  </BLOCKQUOTE>
  
  <P>Even if the developers of the AOL proxy were unaware of HTTP/1.1, the <A
  HREF="http://ds.internic.net/rfc/rfc1945.txt">HTTP/1.0 specification</A>
  states exactly the same thing, section 3.1.  In order for their proxy to
  be <STRONG>minimally compliant with HTTP/1.0</STRONG>, they must allow the behavior
  Apache is showing.
  
  <P><HR>
  
  <P><STRONG><A NAME="bigdeal">What's the big deal?</A>
     The big deal is that if HTTP/1.1 servers had to
     pretend to be broken for HTTP/1.0 clients, the rate of graceful technological
     evolution of the web would slow, and the much-much-needed improvements in HTTP/1.1
     would be delayed.  But an even bigger deal is that we have a large
     company which is publicly snubbing <A
     HREF="http://www.ietf.org/">consensus-developed Internet standards</A>
     - a process they have been <A
     HREF="http://www.w3.org/pub/WWW/Consortium/Member/List.html">a party
     to</A>, so they have no excuse for ignorance.  If a large company can
     single-handedly prevent interoperability between their software (used
     by 8 million people on a daily basis) and <A
     HREF="http://www.netcraft.com/Survey/Changes/ALL/">the most widely used
     web server in the world</A>, what hope do public Internet standards
     have?</STRONG>
  
  <P><HR>
  
  <P>Some more thoughts on the subject:
  
  <P>First, we should emphasize that responding with an HTTP/1.1 version identifier
  does not mean that the message header will use HTTP/1.1 features.  This is in
  the specification; the version identifier is designed to identify the
  capabilities of the server.  When Apache sends a response to an HTTP/1.0
  request, it responds with a valid HTTP/1.0 response -- the only thing which
  might be surprising to an HTTP/1.0 client is the version identifier.
  
  <P>Both HTTP/1.0 and HTTP/1.1 specifications describe the version identifier in
  the following way: "...The protocol versioning policy is intended to allow the
  sender to indicate the format of a message and its capacity for understanding
  further HTTP communication, rather than the features obtained via that
  communication..."
  
  <P>Further, the specification for both requires that an HTTP/1.1
  message (either the client's or the server's) must be comprehensible
  to an HTTP/1.0 client or server.  So what we're looking at isn't
  whether or not we should send comprehensible responses, but whether or
  not we should tell the remote server what version of HTTP we're
  capable of speaking.
  
  <P>Sending a version number which indicates the capabilities of the sender
  provides another opportunity to negotiate a transition from HTTP/1.0 to
  HTTP/1.1, for HTTP/1.1-capable clients.  It also correctly identifies the
  version of HTTP which the server uses.
  
  <P>We could also partition the logic so that only clients ever initiate a
  transition from HTTP/1.0 to HTTP/1.1, but that creates an equally large
  possibility for failure, namely that HTTP/1.0 servers will reject such
  requests. Along those lines, it is worth noting that this 'problem' started
  several days after releasing Apache 1.2b2, when AOL decided to start dropping
  HTTP/1.1 responses -- not because there they caused any problems, but rather
  because someone (or some people) decided it was appropriate.
  
  <P>It would be preferable to have either client or server be able to offer a
  transition to another protocol.
  
  <P><HR>
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/apache_books.html
  
  Index: apache_books.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  <HTML>
  <HEAD>
  <TITLE>Books written about Apache</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
   <IMG
    SRC="../images/apache_sub.gif"
    ALT="[APACHE BOOKS]"
   >
  </DIV>
  
  <H1 ALIGN="CENTER">Books written about Apache</H1>
  
  <P>This is a list of all known books about Apache sorted by the year when
     they where published and in alphabetical order.</P>
  
  <HR>
  
  <H2>2001</H2>
  <UL>
   <LI>
    <DL>
     <DT><A HREF="http://vig.pearsoned.com/store/product/0,,store-562_banner-0_isbn-0130898732,00.html"
         ><STRONG>Apache Web Server Administration and e-Commerce Handbook</STRONG></A>
     </DT>
     <DD>Author: Scott Hawkins
      <BR>
      Published by: Prentice Hall PTR
      <BR>
      ISBN: 0-13-089873-2
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
  </UL>
  
  <H2>2000</H2>
  <UL>
   <LI>
    <DL>
     <DT><A HREF="http://www.administeringapache.com/"
         ><STRONG>Administering Apache</STRONG></A>
     </DT>
     <DD>Author: Mark A. Arnold, Jeff Ameida, Clint LeMon Miller III, James D. Sheetz, Gwen R. Rhine
      <BR>
      Published by: McGraw-Hill
      <BR>
      ISBN: 0072122919
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.oreilly.com/catalog/apachepr/"
         ><STRONG>Apache Pocket Reference</STRONG></A>
     </DT>
     <DD>Author: Andrew Ford
      <BR>
      Published by: O'Reilly &amp; Associates
      <BR>
      ISBN: 1-56592-706-0
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
   <li>
    <dl>
     <dt><a href="http://ApacheUnleashed.Com/"
         ><b>Apache Server Unleashed</b></a>
     </dt>
     <dd>Author: Rich Bowen, Ken Coar, Patrik Grip-Jansson, Slava Kozlov,
      Didimo Emilio Grimaldo Tu&ntilde;on, Matthew Marlowe
      <br>
      Published by: Sams Publishing
      <br>
      ISBN: 0-672-31808-3
      <br>
      Language: English
      <br>
      Note: includes CD-ROM
     </dd>
    </dl>
   </li>
   <LI>
    <DL>
     <DT><A HREF="http://www.mitp.de/linux/0612/0612.html"
         ><STRONG>Apache Web-Server</STRONG></A> - 3<SUP>rd</SUP> Edition
     </DT>
     <DD>Author: Lars Eilebrecht
      <BR>
      Published by: MITP-Verlag GmbH, Germany
      <BR>
      ISBN: 3-8266-0612-4
      <BR>
      Language: German
      <BR>
      Note: includes CD-ROM, expanded and upated edition
     </DD>
    </DL>
   </LI>
  </UL>
  
  <H2>1999</H2>
  <UL>
   <LI>
    <DL>
     <DT><A HREF="http://www.oreilly.de/catalog/apacheger/"
         ><STRONG>Apache: Das umfassende Referenzwerk.</STRONG></A>
     </DT>
     <DD>Author: Ben Laurie, Peter Laurie
       <BR>
       Published by: O'Reilly and Associates, Germany
       <BR>
       ISBN: 3-89721-127-0
       <BR>
       Language: German
       <BR>
       Note: Includes CD-ROM
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A href="http://www.refcards.com/about/apache.html"
         ><STRONG>Apache Quick Reference Card</STRONG></A>
     </DT>
     <DD>Author: Andrew Ford
      <BR>
      Published by: Ford &amp; Mason Ltd
      <BR>
      ISBN: 0-9534897-0-1
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://isbn.nu/0764533061"
         ><STRONG>Apache Server Administrators Handbook</STRONG></A>
     </DT>
     <DD>Author: Mohammed J. Kabir
      <BR>
      Published by: IDG Books Worldwide
      <BR>
      ISBN: 0-7645-3306-1
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A href="http://www.coriolis.com/bookstore/bookdetail.cfm?id=1576104680"
         ><STRONG>Apache Server Commentary</STRONG></A>
     </DT>
     <DD>Author: Greg Holden, Matthew Keller, and Nick Wells
      <BR>
      Published by: The Coriolis Group
      <BR>
      ISBN: 1-57610-468-0
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A href="http://www.coriolis.com/bookstore/bookdetail.cfm?id=1576103919"
         ><STRONG>Apache Server for Windows Little Black Book</STRONG></A>
     </DT>
     <DD>Author: Greg Holden with Matthew Keller  
      <BR>
      Published by: The Coriolis Group
      <BR>
      ISBN: 1-57610-391-9
      <BR>
      Language: English
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.oreilly.com/catalog/apache2/index.html">
         <STRONG>Apache: The Definitive Guide, 2nd Edition</STRONG></A></DT>
     <DD>Author: Ben Laurie, Peter Laurie
       <BR>
       Published by: O'Reilly and Associates
       <BR>
       ISBN: 1-56592-528-9
       <BR>
       Language: English
       <BR>
       Note: Includes CD-ROM
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.mitp.de/linux/0554/0554.htm"
         ><STRONG>Die Apache Administration Bibel</STRONG></A></DT>
     <DD>Author: Mohammed J. Kabir
       <BR>
       Published by: MITP-Verlag GmbH, Germany
       <BR>
       ISBN: 3-8266-0554-3
       <BR>
       Language: German
       <BR>
       Note: Includes CD-ROM
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.wrox.com/Consumer/Store/Details.asp?ISBN=1861003021"
         ><STRONG>Professional Apache</STRONG></A></DT>
     <DD>Author: Peter Wainwright, Lars Eilebrecht, Ari Halberstadt, Brian Moon
       <BR>
       Published by: Wrox Press Ltd.
       <BR>
       ISBN: 1-861003-02-1
       <BR>
       Language: English
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.dpunkt.de/webserver_betreiben/"
         ><STRONG>Webserver betreiben</STRONG></A> -- HTTP und Apache
     </DT>
     <DD>Author: Jacob Schr&ouml;der, Martin M&uuml;ller
      <BR>
      Published by: dpunkt Verlag, Heidelberg, Germany
      <BR>
      ISBN: 3-932588-00-2
      <BR>
      Language: German
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.oreilly.com/catalog/wrapmod/index.html">
         <STRONG>Writing Apache Modules with Perl and C</STRONG></A></DT>
     <DD>Author: Lincoln Stein & Doug MacEachern
       <BR>
       Published by: O'Reilly and Associates
       <BR>
       ISBN: 1-56592-567-X
       <BR>
       Language: English
       <BR>
       Note: <a href="http://www.apachemod.com/">companion site</a>
     </DD>
    </DL>
   </LI>
  </UL>
  
  <HR>
  
  <H2>1998</H2>
  <UL>
   <LI> 
    <DL>
     <DT><A HREF="http://www.ascii.co.jp/books/detail/4-7561/4-7561-2024-5.html"
         ><STRONG>Apache</STRONG></A></DT>
     <DD>Author: Youichirou Koga
      <BR>
      Published by: ASCII Corporation
      <BR>
      ISBN: 4-7561-2024-5
      <BR>
      Language: Japanese
      <BR>
      Note: includes CD-ROM
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.idgbooks.com/cgi/fill_out_template.pl?idgbook:0-7645-3218-9:book-idg"
         ><STRONG>Apache Server Bible</STRONG></A>
     </DT>
     <DD>Author: Mohammed J. Kabir
      <BR>
      Published by: IDG Books Worldwide
      <BR>
      ISBN: 0-7645-3218-9
      <BR>
      Language: English
      <BR>
      Note: includes CD-ROM
     </DD>
    </DL>
   </LI>
   <li>
    <dl>
     <dt><a href="http://Apache-Server.Com/"
         ><b>Apache Server for Dummies</b></a></dt>
     <dd>Author: Ken Coar
      <br>
      Published by: IDG Books Worldwide
      <br>
      ISBN: 0-7645-0291-3
      <br>
      Language: English
      <br>
      Note: includes CD-ROM
     </dd>
    </dl>
   </li>
   <LI>
    <DL>
     <DT><A HREF="http://www.mitp.de/online/0438/0438.html"><STRONG>Apache Web-Server</STRONG></A>
         - 2<SUP>nd</SUP> Edition
     </DT>
     <DD>Author: Lars Eilebrecht
      <BR>
      Published by: MITP-Verlag GmbH, Germany
      <BR>
      ISBN: 3-8266-0438-5
      <BR>
      Language: German
      <BR>
      Note: includes CD-ROM, expanded and upated edition
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><STRONG>Der Apache Webserver</STRONG></DT>
     <DD>Author: Stephan Roßbach
       <BR>
       Published by: Addison-Wesley
       <BR>
       ISBN: 3-8273-1328-7
       <BR>
       Language: German
       <BR>
       Note: Includes CD-ROM
     </DD>
    </DL>
   </LI>
  </UL>
  
  <HR>
  
  <H2>1997</H2>
  <UL>
   <LI>
    <DL>
     <DT><A HREF="http://www.oreilly.com/catalog/apache/"
         ><STRONG>Apache: The Definitive Guide</STRONG></A>
     </DT>
     <DD>Authors: Ben Laurie, Peter Laurie
      <BR>
      Published by: O'Reilly &amp; Associates
      <BR>
      ISBN: 1-56592-250-6
      <BR>
      Language: English
      <BR>
      Note: No longer in print.
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://www.itp.de/online/0347/0347.html"
         ><STRONG>Apache Web-Server</STRONG></A>
         - 1<SUP>st</SUP> Edition
     </DT>
     <DD>Author: Lars Eilebrecht
      <BR>
      Published by: International Thomson Publishing
      <BR>
      ISBN: 3-8266-0347-8
      <BR>
      Language: German
      <BR>
      Note: includes CD-ROM, (<EM>sold out</EM>)
     </DD>
    </DL>
   </LI>
  </UL>
  
  <HR>
  <H2>1996</H2>
  <UL>
   <LI>
    <DL>
     <DT><STRONG>Running a Perfect Web Site With Apache</STRONG>
     </DT>
     <DD>Authors: Brian Behlendorf, David M. Chandler, Lee Brintle, Rich
      Casselberry
      <BR>
      Published by: Que Education & Training
      <BR>
      ISBN: 0-7897-0745-4
      <BR>
      Language: English
      <BR>
      Note: includes CD-ROM
     </DD>
    </DL>
   </LI>
   <LI>
    <DL>
     <DT><A HREF="http://merchant.superlibrary.com:8000/catalog/hg/PRODUCT/PAGE/15752/bud/1575211750.html"
         ><STRONG>Apache Server Survival Guide</STRONG></A>
     </DT>
     <DD>Author: Manuel Alberto Ricart
      <BR>
      Published by: Sams
      <BR>
      ISBN:  1-5752-1175-0
      <BR>
      Language: English
      <BR>
      Note: includes CD-ROM
     </DD>
    </DL>
   </LI>
  </UL>
  
  <HR>
  
  <P>Send additions to <A HREF="mailto:lars@apache.org">Lars Eilebrecht</A>.</P>
  <HR>
  <P ALIGN="CENTER">
  <A HREF="/"><IMG SRC="../images/apache_home.gif" ALT="Home"></A>
  </P>
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/apache_nt.html
  
  Index: apache_nt.html
  ===================================================================
  <HTML><HEAD>
  <TITLE>Status of Apache on Windows NT</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG
   SRC="../images/apache_sub.gif"
   ALT="[APACHE DOCUMENTATION]"
  >
  </DIV>
  <H1 ALIGN="CENTER">What's the Status of Apache on Windows NT?</H1>
  
  <EM>May 31st, 1998</EM><P>
  
  Beta versions of Apache 1.3 are available for Windows NT in source
  form and as a easy-to-install binary for Windows NT.
  A separate document describes
  <a href="../docs/windows.html">how to install, configure and run Apache 1.3b6 (or later) under Microsoft Windows.</a>
  <p>
  
  <EM>August 11th, 1997</EM><P>
  
  The next non-maintenance release of Apache will be version 1.3. This
  will work on Windows NT and Windows 95. Apache 1.3 is currently in
  alpha testing and available <EM>only</EM> as source. When it is released
  it will be distributed as a real Windows application, precompiled and
  with an easy install procedure.
  <P>
  
  In addition to the new features in 1.3 common to both Unix and Windows, the
  Windows version will add the following Windows-specific capabilities:
  
  <UL>
   <LI>Proper Windows-style install procedure with pre-compiled binaries
   </LI>
   <LI>Ability to run ISAPI server extensions (apart from filters)
   </LI>
   <LI>Use of multithreading on Windows
   </LI>
   <LI>Ability to load modules as "dll" files specified in the configuration
       files at runtime. So there will be no need to recompiled Apache
       to add modules.
   </LI>
  </UL>
  
  <EM>December 22nd, 1996</EM>
  
  <P>Apache has been ported to a very wide array of Unix boxes - in fact,
  we're not aware of any Unix boxes which Apache <EM>can't</EM> run on.
  This has been possible by making conservative architecture decisions,
  by modularizing the code as much as possible, and sticking to POSIX
  and ANSI wherever possible (and functional).  
  
  <P>However, due to the code's legacy, and use of metaphors and systems
  which are Unix-specific (such as, having multiple processes all
  accept()ing connections to the same port), the road to porting to
  Windows NT has not been a pretty one.  Several attempts have been
  made, both by Apache Group members and outside folks, but due to a
  lack of stability and a clear consensus on how to manage a true
  cross-platform development project, NT is not yet a standard platform
  supported by Apache.
  
  <P>This could change - in fact, our current plan for Apache 2.0 is to
  include compatibility with Windows NT, as well as other design changes
  to enable other ports to other platforms as well. As well as Windows
  NT, we are considering versions of Apache that run on the MacOS and
  others.
  
  <P>When will 2.0 come out?  Not for a while yet - 1.2 is on its way to
  being finalized, and while 2.0 work has begun it'll be awhile before
  it's got all the features in 1.2, since we're working with a
  significantly revamped code base to allow for multithreading.  But
  sometime in the first half of 1997, we hope - we have test versions of
  it running already.
  
  <P>In the meantime, folks interested in working on an NT port can send
  mail to apache@apache.org - when 2.0 work begins in earnest we'll
  probably start an NT-specific list to address porting issues.
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/apache_on_linux.html
  
  Index: apache_on_linux.html
  ===================================================================
  <HTML>
  <HEAD>
  <TITLE>Configuring linux to run Apache 0.8 +</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG
   SRC="../images/apache_sub.gif"
   ALT="[APACHE DOCUMENTATION]"
  >
  </DIV>
  
  <H3>Warning: this document has been unmaintained for a very long time.</H3>
  <P>
  <H1 ALIGN="CENTER">Configuring linux to run Apache 0.8 + with virtual hosts</H1>
  
  <P>Some advice on configuring Linux so that it can run <A HREF="/">Apache</A>
  and <A HREF="../docs/vhosts/">virtual hosts</A></P>
  
  <OL>
    <LI>You'll need linux kernel <STRONG>1.2.x</STRONG> ( &gt;=5 recommended) and compile with the following options:
    <PRE>
  	  CONFIG_MODVERSIONS=y
  	  CONFIG_NETDEVICES=y
  	  # CONFIG_DUMMY is not set          ( say no when configuring )</PRE>
  <BR><BR></LI>
  
    <LI>make dep ; make zImage ; make modules ; make modules_install<BR><BR></LI>
  
    <LI>cp /usr/src/linux/arch/i386/boot/zImage /vmlinuz<BR><BR></LI>
  
    <LI>rdev -R /vmlinuz 1  ; lilo<BR><BR></LI>
    <LI>reboot system <BR><BR></LI>
    <LI>insmod -o dummy0 /lib/modules/1.2.x/net/dummy.o<BR><BR></LI>
    <LI>ifconfig dummy0 200.200.200.50 up<BR>
     NOTE: Make sure the IP address you choice is a valid one,
     and not being used.
    <BR><BR></LI>
    <LI>arp -s &lt;ethernet address&gt; 200.200.200.50 netmask 255.255.255.255 pub<BR>
    NOTE: the ethernet address of your ethernet card can be found if you
    type ifconfig eth0.  First line, there are 6 hex numbers sepearted by 
    ':'.  Use that.
    <BR><BR></LI>
    <LI>route add 200.200.200.50 dummy0<BR><BR></LI>
    <LI>Add &lt;virtual host 200.200.200.50&gt; ..... &lt; /virtualhost&gt; to your httpd.conf file.<BR><BR></LI>
    <LI>Add 200.200.200.50 to your /etc/hosts or DNS database files.<BR><BR></LI>
    <LI>Repeat from <STRONG>Step 1.</STRONG> with dummy1 if so desired.<BR><BR></LI>
  </OL>
  
  <P>Good luck.</P>
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/apache_users.html
  
  Index: apache_users.html
  ===================================================================
  <HTML>
  <HEAD>
  <TITLE>Users of Apache</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG
   SRC="../images/apache_sub.gif"
   ALT="[APACHE DOCUMENTATION]"
  >
  </DIV>
  
  <H1 ALIGN="CENTER">
  The<BR>"Proud to run <A HREF="/">Apache</A>"<BR>list</H1>
  
  <P>
  This is a list of sites that <STRONG>asked</STRONG> to be recorded
  as running Apache.
  </P>
  
  <P>
  The list represents only a small fraction of the total number of sites
  that run Apache. See the link(s) at the bottom of this page for pointers
  to much larger lists.
  </P>
  
  <DL>
  <DT><A HREF="http://www.apache.org/">The Apache Project</A></DT>
    <DD>The developers trust it  :-)</DD>
  
  <HR WIDTH="20%">
  
  <HR><P>
  <STRONG>
  <A HREF="#ahook">A</A> | <A HREF="#bhook">B</A> | <A HREF="#chook">C</A> | <A HREF="#dhook">D</A> | <A HREF="#ehook">E</A> | <A HREF="#fhook">F</A> | <A HREF="#ghook">G</A> | <A HREF="#hhook">H</A> | <A HREF="#ihook">I</A> | <A HREF="#jhook">J</A> | <A HREF="#khook">K</A> | <A HREF="#lhook">L</A> | <A HREF="#mhook">M</A> | <A HREF="#nhook">N</A> | <A HREF="#ohook">O</A> | <A HREF="#phook">P</A> | <A HREF="#qhook">Q</A> | <A HREF="#rhook">R</A> | <A HREF="#shook">S</A> | <A HREF="#thook">T</A> | <A HREF="#uhook">U</A> | <A HREF="#vhook">V</A> | <A HREF="#whook">W</A> | <A HREF="#xhook">X</A> | <A HREF="#yhook">Y</A> | <A HREF="#zhook">Z</A>
  </STRONG>
  <P><HR>
  
  <P><DT><STRONG>A...</STRONG></DT>
  
  <A NAME="ahook"></A>
  <DT><A HREF="http://www.abast.es/">Abast Systems, S.A.</A></DT>
    <DD>An HP service provider at Barcelona</DD>
  
  <DT><A HREF="http://www.achilles.net/">Achilles Internet Ltd.</A></DT>
    <DD>Internet Service and Presence Provider in Ottawa, Ontario, Canada.</DD>
  
  <DT><A HREF="http://www.adnet.ie/">Adnet - Ireland's Interactive Resource Directory</A></DT>
    <DD>Fred Hanna's Bookstore, U2 Interview, Knickerbox Lingerie, the Explorer magazine, and much more...</DD>
  
  <DT><A HREF="http://www.adsweb.com/">ADSweb</A></DT>
    <DD>A webspace provider in St. Louis, MO</DD>
  
  <DT><A HREF="http://www.advcs.com/">Advanced Computing Solutions</A></DT>
    <DD>The best prices on software, hardware and related accessories on the 'Net!</DD>
  
  <DT><A HREF="http://nz.com/">Akiko International</A></DT>
    <DD>New Zealand on the Web</DD>
  
  <DT><A HREF="http://ugweb.cs.ualberta.ca">University of Alberta Computing Science</A></DT>
    <DD>University of Alberta Undergraduate Computing Science Labs</DD>
  
  <DT><A HREF="http://www.algonet.se">Algonet</A></DT>
    <DD>Algonet - Your Internetsupplier in Sweden.</DD>
  
  <DT><A HREF="http://www.aros.net/">ArosNet</A></DT>
    <DD>An ISP in Salt Lake City, UT.  Complete solutions for business.</DD>
  
  <DT><A HREF="http://www.atlantic.com/">Atlantic Computing Technology Corporation</A></DT>
    <DD>An Internet consulting firm in Connecticut</DD>
  
  <DT><A HREF="http://www.nla.gov.au">National Library of Australia</A></DT>
  
  <DT><A HREF="http://ftp.ua.pt/">University of Aveiro Software Archive</A></DT>
    <DD>The biggest software archive in Portugal</DD>
  
  <DT><A HREF="http://www.axxel.nl/">The Home of AXXEL.NL Internet</A></DT>
    <DD>We trust the developers who trust Apache...:-)</DD>
  
  <A NAME="bhook"></A>
  <P><DT><STRONG>B...</STRONG></DT>
  
  <DT><A HREF="http://www.bns.ee/">Baltic News Service</A></DT>
   <DD>Newswire about Baltics</DD>
  
  <DT><A HREF="http://www.blackhills.com/">Internet Services of the Black Hills</A></DT>
    <DD>3 websites up, more to come ;-)</DD>
  
  
  <DT><A HREF="http://www.bayscenes.com/">BayScenes</A></DT>
    <DD>Unique products and services of Northern California</DD>
  
  <DT><A HREF="http://BowlingGreen.KY.net/">Bowling Green, KY</A></DT>
  <DD>Bowling Green's Internet presence (<A HREF="http://www.KY.net/kiwi/">KIWI</A>)</DD>
  
  <DT><A HREF="http://www.telescope.org/">Bradford Robotic Telescope</A></DT>
    <DD>An autonomous telescope controlled by the Web</DD>
  
  <DT><A HREF="http://www.buzznet.com/">Buzznet</A></DT>
    <DD>The cultural voice of the online generation</DD>
  
  <A NAME="chook"></A>
  <P><DT><STRONG>C...</STRONG></DT>
  
  <DT><A HREF="http://www.epibiostat.ucsf.edu/">University of California San Francisco Department of Epidemiology and Biostatistics</A></DT>
    <DD>Maintainers of the World Wide Web Virtual Library: Epidemiology Page</DD>
  
  <DT><A HREF="http://ucsee.EECS.Berkeley.EDU/">University of California Society of Electrical Engineers</A></DT>
    <DD>Student-run server at the University of California at Berkeley.</DD>
  
  <DT><A HREF="http://www.caprica.com/">Caprica Internet Services</A></DT>
    <DD>Southern California's Original Internet Provider!</DD>
  
  <DT><A HREF="http://www.cm.cf.ac.uk/">Cardiff University Computer Science</A></DT>
    <DD>Home for the Interenet Movie Database and more.</DD>
  
  <DT><A HREF="http://www.careersite.com/">Virtual Resources' <EM>CareerSite</EM> employment service</A></DT>
  <DD>Concept&#173;based profile matching helps job hunters & human resources.</DD>
  
  <DT><A HREF="http://www.cetlink.net/">CetLink.Net</A></DT>
    <DD>South Carolina ISP and advanced networking services company.</DD>
  
  <DT><A HREF="http://www.cistron.nl/">Cistron Internet Services</A></DT>
    <DD>An independent Dutch Internet provider.</DD>
  
  <DT><A HREF="http://www.cityline.it">CityLine</A></DT>
    <DD>Internet business service in Brescia (Italy)</DD>
  
  <DT><A HREF="http://www.dom.de/">DOM -&gt;Cologne - where else?</A></DT>
    <DD>The best smelling machine on the WEB 8-()</DD>
  
  <DT><A HREF="http://www.cts.richmond.va.us/">Commonwealth Technical Services</A></DT>
    <DD>Custom built computers, Web services, netowrking, etc...</DD>
  
  <DT><A HREF="http://www.c2.org/">Community ConneXion</A></DT>
    <DD>ISP in Berkeley, CA. Specializes in privacy.</DD>
  
  <DT><A HREF="http://www.tcp.com/">The Commnet Projetc</A></DT>
    <DD>Anime Archives, e-zines and personal web pages</DD>
  
  <DT><A HREF="http://www.compusult.nf.ca/">Compusult Limited</A></DT>
      <DD>Software Development and Systems Integration</DD>
  
  <DT><A HREF="http://www.cdepot.net/">The Computer Depot</A></DT>
    <DD>Amador County, California, Internet Provider</DD>
  
  <DT><A HREF="http://www.cforc.com/">Computers For Christ</A></DT>
    <DD>Christian Computer Ministry</DD>
  
  <DT><A HREF="http://www.cst.com.au/">Creative Software Technologies</A></DT>
    <DD>Videoconferencing and multimedia applications</DD>
  
  <DT><A HREF="http://www.univ-rennes1.fr/">CRI Universite de Rennes 1 (France)</A></DT>
    <DD>Many thanks to the APACHE team.</DD>
  
  <DT><A HREF="http://cyberspc.mb.ca/">Cyberspace Online Information Services</A></DT>
    <DD>ISP - Winnipeg, Manitoba, Canada</DD>
  
  <A NAME="dhook"></A>
  <P><DT><STRONG>D...</STRONG></DT>
  
  <DT><A HREF="http://www.dal.net/">The DALnet IRC Network</A></DT>
   <DD>Friendly, easy-to-use, secure, fun Internet communication.</DD>
  
  <DT><A HREF="http://www.dataway.ch/">dataway</A></DT>
    <DD>An Internet Service and WWW Provider in Winterthur, Switzerland.</DD>
  
  <DT><A HREF="http://www.davidbowie.com/">David Bowie Outside</A></DT>
    <DD>Tour info, sound samples, concepts and other happenings<DD>
  
  <DT><A HREF="http://www.cardinal.wisc.edu/">The Digital Cardinal at the 
  UW-Madison</A></DT>
    <DD>The UW-Madison's student newspaper</DD>
  
  <DT><A HREF="http://www.digimark.net/">Digital Marketing, Inc.</A></DT>
    <DD>Comprehensive Internet Presence Services.</DD>
  
  <DT><A HREF="http://www.reflections.com.au">Digital Reflections</A></DT>
    <DD>Giving YOU an Internet Presence.</DD>
  
  <DT><A HREF="http://www.daft.com/">Discordian Alliance For Teaching</A></DT>
    <DD>Installation, maintenance and training for Information Publishing on the N
    et.</DD>
  
  <DT><A HREF="http://www.discpro.org/">DISCovery Productions</A></DT>
   <DD>Dedicated to regional and ethnic folk music (emphasis on Flamenco and Andean)</DD>
  
  <DT><A HREF="http://www.dragon.net.au/">Dragon Net</A></DT>
    <DD>Internet Service Provider and Web Developers in Syndey, AUSTRALIA.
  
  <A NAME="ehook"></A>
  <P><DT><STRONG>E...</STRONG></DT>
  
  <DT><A HREF="http://www.ecstatic.com/">Ecstatic Communications</A></DT>
    <DD>Multimedia Productions (Apache on MachTen 2.2 Unix on MacOs 7.5.1 Rules!)</DD>
  
  <DT><A HREF="http://www.ekspress.ee/">Eesti Ekspress</A></DT>
   <DD>Estonian Ekspress - largest weekly newspaper in Estonia</DD>
  
  <DT><A HREF="http://www.efrei.fr/">EFREI</A></DT>
    <DD>Ecole Francaise d'Electronique et d'Informatique - PARIS</DD>
  
  <DT><A HREF="http://www.empire.net/">Empire.Net, Inc.</A></DT>
    <DD>Full Service WWW Hosting and Design Internet Provider</DD>
  
  <DT><A HREF="http://equinet.com/">EQUINET - Horses! on the Internet</A></DT>
    <DD>Premier site for equestrian products, services and the buying &amp; selling horses.</DD>
  
  <DT><A HREF="http://www.esquadro.com.br/">Esquadro ISP</A></DT>
    <DD>Internet Acess and Service Provider in Rio de Janeiro, Brazil:-)</DD>
  
  <DT><A HREF="http://travel.digit.ee/">Estonian Travel Guide</A></DT>
   <DD>Your source to Estonian travel information</DD>
  
  <DT><A HREF="http://www.efi.joensuu.fi/">European Forest Institute</A></DT>
    <DD>An independent non-governmental organization conducting European forest research</DD>
  
  <DT><A HREF="http://www.imec.be/europractice/europractice.html">The EUROPRACTICE Project</A></DT>
    <DD>The Small Volume and Prototype Silicon Processing Initiative of the EEC</DD>
  
  <DT><A HREF="http://www.xtc.net/">Expanding Technologies</A></DT>
    <DD>NorthEast Tennessee's hottest ISP / Web Developer</DD>
  
  <A NAME="fhook"></A>
  <P><DT><STRONG>F...</STRONG></DT>
  
  <DT><A HREF="http://www.flora.ottawa.on.ca/">Flora St. Community WEB</A></DT>
    <DD>Home/volunteer site of consultant: Flora St,Ottawa,Canada.</DD>
  
  <DT><A HREF="http://www.teaser.fr/">France-Teaser</A><DT>
    <DD>French Internet Service Provider</DD>
  
  <DT><A HREF="http://www.frankfurt.de/">Frankfurt Digital Marketplace</A></DT>
    <DD>The Frankfurt server</DD>
  
  <DT><A HREF="http://www.freebsd.org/">FreeBSD</A></DT>
    <DD>FreeBSD Web Site</DD>
    
  <A NAME="ghook"></A>
  <P><DT><STRONG>G...</STRONG></DT>
  
  <DT><A HREF="http://www.galaxy.net/">Galaxy Networks</A></DT>
    <DD>Internet Service Provider and Web Site in New Jersey</DD>
  
  <DT><A HREF="http://www.getnet.com/">GetNet International</A></DT>
    <DD>Internet Service/Network/Presence Provider, Phoenix, AZ</DD>
  
  <DT><A HREF="http://www.gospelcom.net/">Gospel Communications Network</A></DT>
    <DD>Online Christian Resources</DD>
  
  <DT><A HREF="http://bull.got.kth.se">BULL.GOT.KTH.SE</A></DT>
   <DD>The student's server at the Gotland College of Higher Education</DD>
  
  <DT><A HREF="http://www.greyhawkes.com/">Greyhawkes Cyberservices</A></DT>
    <DD> Web Services, Consulting & Training</DD>
  
  <A NAME="hhook"></A>
  <P><DT><STRONG>H...</STRONG></DT>
  
  <DT><A HREF="http://www.rvs.uni-hannover.de/">University of Hannover, RVS</A></DT>
    <DD>Lehrgebiet Rechnernetze und Verteilte Systeme</DD>
  
  <DT><A HREF="http://harvard.net/">HarvardNET</A></DT>
    <DD>Internet Service Provider in Boston, 5 BSDI Web Servers, 100+ virtual domains</DD>
  
  <DT><A HREF="http://www.hway.com/">Hiway Technologies, Inc.</A></DT>
    <DD>Specializing in virtual domain web space rental.</DD>
  
  <DT><A HREF="http://www.ci.houston.tx.us">The City of Houston, Texas</A></DT>
    <DD>The City of Houston, Texas WWW Server</DD>
  
  <DT> <A HREF="http://www.uth.tmc.edu/">The UT Houston Health Science Center</A>
    <DD>Information Resources for UTH faculty, staff and students.
  
  <DT><A HREF="http://www.nightflight.com/">Home Page Services, Free Classified Ads</A></DT>
    <DD>Low cost, high quality  :-)</DD>
  
  <DT><A HREF="http://www.station.net/">Hong Kong Internet Station</A></DT>
    <DD>A ISP in Hong Kong. We run both Apache and Apache+SSL.</DD>
  
  <DT><A HREF="http://www.hotwired.com/">HotWired</A></DT>
   <DD>No description necessary.</DD>
  
  <DT><A HREF="http://www.hyperreal.org/">Hyperreal</A></DT>
   <DD>The Techno/Ambient/Alternative Culture Archives</DD>
  
  <DT><A HREF="http://www.hypersurf.com/">Hypersurf Internet Services</A></DT>
    <DD>Hypersurf provides dialup, as well as web hosting to the East SF Bay Area</DD>
  
  <A NAME="ihook"></A>
  <P><DT><STRONG>I...</STRONG></DT>
  
  <DT><A HREF="http://www.IdeaCafe.com/">Idea Cafe</A></DT>
    <DD>The Small Business Gathering Place...</DD>
  
  <DT><A HREF="http://www.io.com">Illuminati Online</A></DT>
    <DD>The online services division of Steve Jackson Games</DD>
  
  <DT><A HREF="http://www.indra.com/">Indra's Net, Inc </A></DT>
    <DD>An Internet access and Web presence provider based in Boulder,Colorado</DD>
  
  <DT><A HREF="http://www.InfoStreet.com/">InfoStreet, Inc.</A></DT>
    <DD>Commercial Web Weaving and Web Hosting Provider specializing in turn key solutions</DD>
  
  <DT><A HREF="http://www.infinityweb.com/">InfinityWeb Communications</A></DT>
      <DD>Design and/or Hosting with offices in Honolulu, Tampa, and Tucson.</DD>
  
  <DT><A HREF="http://www.InstantWeb.com/">Instant Web Sites</A></DT>
    <DD>Fill in a simple form and instantly get your own Web site.</DD>
  
  <DT><A HREF="http://www.mineral.tu-freiberg.de/">Institute of Mineralogy</A></DT>
    <DD>Freiberg University of Mining and Technology (Germany)</DD>
  
  <DT><A HREF="http://www.inta.net/">IntaNET Communications</A></DT>
    <DD>After testing several servers, IntaNET chose Apache for its versatility and reliability.</DD>
  
  <DT><A HREF="http://www.nfld.com/">InterActions</A></DT>
      <DD>Internet Service Provider, Mount Pearl, NF, Canada</DD>
  
  <DT><A HREF="http://www.icsi.net/">Internet Connect Services, Inc.</A></DT>
    <DD>ICSI's Primary WWW Server - Running 40+ Virtual Domains</DD>
  
  <DT><A HREF="http://www.netdoor.com/">Internet Doorway, Inc</A></DT>
     <DD>Internet Service Provider in Jackson, Mississippi</DD>
  
  <DT><A HREF="http://www.webnet.com.au/">Internet Interface Systems</A></DT>
   <DD>ISP in Melbourne, Australia</DD>
  
  <DT><A HREF="http://uk.imdb.com/">Internet Movie Database (UK)</A></DT>
   <DD>The web's biggest and best movie resource.</DD>
  
  <DT><A HREF="http://us.imdb.com/">Internet Movie Database (US)</A></DT>
   <DD>The web's biggest and best movie resource.</DD>
  
  <DT><A HREF="http://www.spies.com/">The Internet Wiretap</A></DT>
     <DD><A HREF="http://wiretap.spies.com">Electronic texts</A> and personal publishing.</DD>
  
  <DT><A HREF="http://www.interpac.net/">Inter-Pacific Networks</A></DT>
    <DD>Big Island of Hawaii Premire Internet Service Provider</DD>
  
  <DT><A HREF="http://www.is.kiruna.se/">Information Society, Kiruna, Sweden</A></DT>
  <DD>Information should be free (and powered by Apache)</DD>
  
  <A NAME="jhook"></A>
  <P><DT><STRONG>J...</STRONG></DT>
  
  <DT><A HREF="http://www.ju.edu/">Jacksonville University</A></DT>
    <DD>Making changes in College Education!</DD>
  
  <DT><A HREF="http://www.sjis.com">South Jersey Internet Services</A></DT>
     <DD>Webmaster/Web Service Providers.  We love Apache!</DD>
  
  <A NAME="khook"></A>
  <P><DT><STRONG>K...</STRONG></DT>
  
  <DT><A HREF="http://www.kemmunet.net.mt/">Kemmunet Ltd</A></DT>
    <DD>Kemmunet is an Internet Service Provider in the island.</DD>
  
  <DT> <A HREF="http://www.dbnet.ece.ntua.gr"> Knowledge and Data Base Systems Laboratory </A></DT>
    <DD> based at the National Technical University of Athens, GREECE </DD>
  
  <A NAME="lhook"></A>
  <P><DT><STRONG>L...</STRONG></DT>
   
  <DT><A HREF="http://www.lansoft.com/">LANsoft U.S.A.</A></DT>
    <DD>Commercial Email To Internet Provider</DD>
  
  <DT><A HREF="http://www.lls.se/">Lightning Line Service</A></DT>
    <DD>Swedish Internet provider & WWW hotel located in Gothenburg</DD>
  
  <DT><A HREF="http://www.links.net/">Links from the Underground</A></DT>
    <DD>A collection of writings and pointers from net.superstar Justin Hall</DD>
  
  <DT><A HREF="http://www.littleblue.com">Little Blue Productions</A></DT>
    <DD>Web space provider in Kansas City, powered by Apache on Silcon Graphics.</DD>
  
  <DT><A HREF="http://xxx.lanl.gov/">XXX e-print archives at Los Alamos National Lab</A></DT>
    <DD>Repository for electronic publishing in the fields of physics, math and more.</DD>
  
  <DT><A HREF="http://www.louisville.edu/">The University of Louisville</A></DT>
    <DD>Univ. of Lou.  Louisville, KY.  Main WWW server.</DD>
  
  <DT><A HREF="http://www.lth.se/">Lund Institute of Technology</A></DT>
    <DD>The technical faculty at Lund University in the south of Sweden</DD>
  
  <A NAME="mhook"></A>
  <P><DT><STRONG>M...</STRONG></DT>
  
  <DT><A HREF="http://www.madcap.com/">MadCap</A><DT>
    <DD>A San Francisco Geek Arcology/Consulting Group</DD>
  
  <DT><A HREF="http://www.magpage.com/">The Magnetic Page</A></DT>
    <DD>An internet service provider for Delaware, Maryland, and Pennsylvania.</DD>
  
  <DT><A HREF="http://WWW.Zmall.Com/">Mall of Cyberspace</A></DT>
    <DD>Your Storefront on the Information Superhighway</DD>
  
  <DT><A HREF="http://www.mediabridge.com">Mediabridge Infosystems</A></DT>
    <DD>Custom Web and other Internet servers</DD>
  
  <DT><A HREF="http://www.metwest.com/">Metwest.com</A></DT>
    <DD>Commercial low cost web services Serving Metro-West/Boston.</DD>
  
  <DT><A HREF="http://www.ml.ee/">Microlink</A></DT>
   <DD>Microlink computer manufacturer</DD>
  
  <DT><A HREF="http://www.mwci.net/">Midwest Communications Inc.</A></DT>
    <DD>Nationwide Internet and Web Service Provider</DD>
  
  <DT><A HREF="http://www.state.net/">Minnesota OnLine</A></DT>
    <DD>Minnesota's Premier Access Provider</DD>
  
  <DT><A HREF="http://www.msstate.edu/">Mississippi State University</A></DT>
    <DD>US mirror of the Internet Movie Database and Fineart Forum online</DD>
  
  <DT><A HREF="http://www.modcomp.com/">MODCOMP</A></DT>
    <DD>A vendor of realtime low-latency computer systems</DD>
  
  <DT><A HREF="http://jamcha.witness.com/">More Email BBS</A><DT>
  
  <DT><A HREF="http://www.musicblvd.com/">Music Boulevard</A></DT>
    <DD>Music CDs, samples, magazines, and more</DD>
  
  <A NAME="nhook"></A>
  <P><DT><STRONG>N...</STRONG></DT>
  
  <DT><A HREF="http://www.netaxis.com/">NETAXIS</A></DT>
    <DD>Your On-line Marketing and Communications Resource</DD>
  
  <DT><A HREF="http://Nettvik.no/">Nettvik</A></DT>
    <DD>Norway's fastest growing town.</DD>
  
  <DT><A HREF="http://www.netway.it/">Netway Italia S.r.l.</A></DT>
    <DD>Full Internet Service Provider, Naples, Italy</DD>
  
  <DT><A HREF="http://www.gatewy.net/"> New Orleans Gateway</A></DT>
    <DD>New Orleans most affordable Full Internet Service.  Come visit us.</DD>
  
  <DT><A HREF="http://www.next.com.au">Next Online</A></DT>
    <DD>Internet Presence Provider, Sydney, Australia</DD>
  
  <DT><A HREF="http://www.northsea.com/">North Sea, Ltd.</A></DT>
    <DD>Internet-Based Health Care Analyis and Provider Management Systems.</DD>
  
  <DT><A HREF="http://marg.ntu.ac.uk/">Nottingham Trent University,Department of Manufacturing Engineering</A></DT>
    <DD>Web server run by the Manufacturing Automation Research Group</DD>
  
  <DT><A HREF="http://nps.venture-web.or.jp">NPS Inc.</A></DT>
    <DD>A Japanese trading company with anb internet twist.</DD>
  
  <DT><A HREF="http://www.cas.unt.edu/">The University of North Texas College of A
  rts and Sciences</A></DT>
    <DD>Running under FreeBSD v2.x since apache_0.6.5.</DD>
  
  <DT><A HREF="http://www.nucleus.com/">Nucleus Inc.</A></DT>
    <DD>Specializing in Web Advertising. Internet Provider for the Calgary Area</DD>
  
  <DT><A HREF="http://www.nueva.pvt.k12.ca.us/">The Nueva School</A></DT>
    <DD>An independent K-8 school in Hillsborough, California.</DD>
  
  <A NAME="ohook"></A>
  <P><DT><STRONG>O...</STRONG></DT>
  
  <DT><A HREF="http://oasi.shiny.it/">OASI Association - Asti, Italy</A></DT>
    <DD>The one and only I.T. power group in our town. Linux + little RAM = Apache :)</DD>
  
  <DT><A HREF="http://www.omnes.net/">Omnes</A></DT>
    <DD>Omnes - global communications solutions</DD>
  
  <DT><A HREF="http://www.opencad.com/">OpenCAD International, Inc.</A></DT>
     <DD>Web Prescence Providers in Santa Monica, California</DD>
  
  <DT><A HREF="http://www.organic.com/">Organic Online</A></DT>
   <DD>Web Site Developers/Networked Hypermedia Designers</DD>
  
  <DT><A HREF="http://www.lib.ox.ac.uk/">Oxford University Libraries Automation Service</A></DT>
    <DD>Running Apache under FreeBSD</DD>
  
  <A NAME="phook"></A>
  <P><DT><STRONG>P...</STRONG></DT>
  
  <DT><A HREF="http://www.pacinfo.com/">PacInfo</A></DT>
    <DD>Internet Service Provider in Eugene, Oregon</DD>
  
  <DT><A HREF="http://www.pasadena.net/">Network Pasadena</A></DT>
    <DD>Wide area network services, domestic and international.</DD>
  
  <DT><A HREF="http://www.passageway.com/">Passageway Communications</A></DT>
    <DD>Calgary's Presence Provider</DD>
  
  <DT><A HREF="http://www.pair.com/">pair Networks</A></DT>
    <DD>Web presence provider</DD>
  
  <DT><A HREF="http://www.pcug.co.uk/">PC User Group (UK)</A></DT>
    <DD>The PC Users' Group in the UK</DD>
  
  <DT><A HREF="http://www.Phoenix.Volant.ORG">Phoenix Volant</A></DT>
    <DD>A consulting service/personal site/webspace provider.</DD>
  
  <DT><A HREF="http://www.pindar.co.uk">Pindar plc</A></DT>
    <DD>Printing company based in York, UK.</DD>
  
  <DT><A HREF="http://planet-hawaii.com/">Planet Hawaii</A></DT>
    <DD>Hawaii's web site for travel, culture, business, and shopping information</DD>
  
  <DT><A HREF="http://pleasure.com/">Pleasure Unlimited</A></DT>
    <DD>Your run of the mill adult site</DD>
  
  <DT><A HREF="http://www.programmers.net/">Programmer's WEB</A></DT>
    <DD>The first italian WEB for developers</DD>
  
  <DT><A HREF="http://www.glue.umd.edu/">Project Glue</A></DT>
    <DD>University of Maryland at College Park</DD>
  
  <A NAME="qhook"></A>
  <P><DT><STRONG>Q...</STRONG></DT>
  
  <DT><A HREF="http://www.quake.net/">QuakeNet Internet Services</A></DT>
    <DD>We use Apache and CyberCash to make Internet Commerce a reality.</DD>
  
  <A NAME="rhook"></A>
  <P><DT><STRONG>R...</STRONG></DT>
  
  <DT><A HREF="http://www.ravens-nest.com/">The Raven's Nest</A></DT>
    <DD>Design & develop corporate internet strategies and solutions</DD>
  
  <DT><A HREF="http://www.module.vympel.msk.ru/">Research Centre "Module"</A></DT>
    <DD>Internet Service Provider in Moscow, Russia. Apache Project HTTP-mirror.</DD>
  
  <DT><A HREF="http://www.rsp.com.au/">Rising Sun Pictures</A></DT>
    <DD>3D Animation and Visual Effects for Film and Television</DD>
  
  <DT><A HREF="http://inet-unx.unisys.nl/robegids/html/US/home.htm">The Rob&eacute Directory</A></DT>
    <DD>The on-line database containing more than 110,000 companies in The Netherlands</DD>
  
  <A NAME="shook"></A>
  <P><DT><STRONG>S...</STRONG></DT>
  
  <DT><A HREF="http://sapo.ua.pt/">SAPO - Servidor de Apontadores Portugueses</A></DT>
    <DD>Exhaustive list of Pointers to Portuguese Servers</DD>
  
  <DT><A HREF="http://www.pbm.com/">Shadow Island Games</A></DT>
    <DD>A play-by-net gaming company</DD>
  
  <DT><A HREF="http://www.siam.net/">SiamGuide to Thailand</A></DT>
    <DD>Commercial Web Development service in Thailand  :-)</DD>
  
  <DT><A HREF="http://www.sierraclub.org/">Sierra Club</A></DT>
    <DD>A non-profit organization promoting conservation of the environment</DD>
  
  <DT><A HREF="http://skynet.ul.ie/">Skynet</A></DT>
    <DD>The University of Limerick Comp. Soc., appreciating Apache's performance</DD>
  
  <DT><A HREF="http://soilcrop.tamu.edu">Soil & Crop Sciences, TAMU</A></DT>
    <DD>The departmental WWW server of Soil & Crop Sciences dept. at Texas A&M</DD>
  
  <DT><A HREF="http://www.sonoma.net/">Sonoma.Net</A></DT>
    <DD>An ISP hosting a growing list of different Websites...</DD>
  
  <DT><A HREF="http://www.stel.com">Stanford Telecommunications Inc.,</A></DT>
    <DD>Bringing you the world of communications through wireless and Web services.</DD>
  
  <DT><A HREF="http://www.Stardot.com/">Stardot Consulting</A></DT>
    <DD>Political resources and consulting on the Web</DD>
  
  <DT><A HREF="http://www.stonesworld.com/">Stones World</A></DT>
    <DD>Tour info, sound samples, audio/video streams, and happenings<DD>
  
  <DT><A HREF="http://www.dis.strath.ac.uk/">Information Science at Strathclyde University</A></DT>
   <DD>A surprisingly busy little site in Scotland.</DD>
  
  <DT><A HREF="http://www.suck.com/">Suck</A></DT>
       <DD>Hindenburg. Titanic. Edsel. Suck.</DD>
  
  <DT><A HREF="http://www.ee.ethz.ch/">Department of Electrical Engineering, Swiss Federal Institute of Technology Zurich</A></DT>
    <DD>Only the best is good enough ...</DD>
  
  <DT><A HREF="http://www.sjs.com/">sjs.com</A></DT>
    <DD>Systems & Network Consultant in Central Massachusetts</DD>
  
  <DT><A HREF="http://www.skl.com/">Systems Knowledge Link</A></DT>
    <DD>A full service Internet Provider in West Hill, Ontario  :-)</DD>
  
  <A NAME="thook"></A>
  <P><DT><STRONG>T...</STRONG></DT>
  
  <DT><A HREF="http://www.tbi.net/">Tampa Bay Interactive</A></DT>
    <DD>Quality Counts!</DD>
  
  <DT><A HREF="http://www.ton.tut.fi/"></A></DT>
    <DD>Tampere District Student Housing Foundation (TOAS)</DD>
  
  <DT><A HREF="http://www.targed.org.uk">TARGED North West Wales Training & Enterprise Council Ltd</A></DT>
    <DD>Linux based Apache server.</DD>
  
  <DT><A HREF="http://www.tecnet.com/">TECNET</A></DT>
    <DD>The Worldwide Classifieds for New and Used Hi-Tech Equipment</DD>
  
  <DT><A HREF="http://www.teksouth.com/">Teksouth Corporation</A></DT>
    <DD>Network printing products and high-tech personnel services.</DD>
  
  <DT><A HREF="http://www.telebase.com/">Telebase Systems</A></DT>
    <DD>Information providers to the world</DD>
  
  <DT><A HREF="http://www.tembel.org/">Tembel's Hedonic Commune</A></DT>
    <DD>Tembel's Hedonic Commune external server (also used internally).</DD>
  
  <DT><A HREF="http://stimpy.music.ua.edu/">TEMPUS - The University of Alabama Sch
  ool of Music</A></DT>
    <DD>Perhaps the oldest web server in the state of Alabama</DD>
  
  <DT><A HREF="http://www.terraware.net/">TerraWare Systems</A></DT>
    <DD>Making software that is biodegradable and containing no Phosphates!</DD>
  
  <DT><A HREF="http://www.metronet.com/">Texas Metronet</A></DT>
    <DD>Internet Service Provider for Dallas/Fort Worth</DD>
  
  <DT><A HREF="http://trex.org">Trex, The place to visit</A></DT>
    <DD>a Full Service BBS and much more. Runs on a Solbourn 5e/602</DD>
  
  <DT><A HREF="http://troubador.com/">Troubador Systems Web Sites and Business Packages</A></DT>
    <DD>Personalized Service!!! for real...  :-)</DD>
  
  <DT><A HREF="http://www.uniserve.com/">TVS-UNIServe</A></DT>
    <DD>ISP and Web site developer for Vancouver</DD>
  
  <A NAME="uhook"></A>
  <P><DT><STRONG>U...</STRONG></DT>
  
  <DT><A HREF="http://xweb.com">Universal Algorithms, Inc.</A></DT>
    <DD>CollegeNET, Precision Guides, Schedule25, Equinet</DD>
  
  <DT><A HREF="http://wwwedms.redstone.army.mil">US Army JEDMICS EDMS Program Office</A></DT>
    <DD>Engineering Data Management Systems, Redstone Arsenal, Alabama</DD>
  
  <DT><A HREF="http://www.uu.net">UUNET/AlterNet technologies</A></DT>
    <DD>Internet Service Provider</DD>
  
  <A NAME="vhook"></A>
  <P><DT><STRONG>V...</STRONG></DT>
  
  <DT><A HREF="http://www.vicksburg.com/">Vicksburg Online</A></DT>
    <DD>Vicksburg, MS. Internet Service Provider</DD>
  
  <DT><A HREF="http://iuinfo.tuwien.ac.at/">Univ. of Technology Vienna, Dept's Support</A></DT>
    <DD>IU Info Service, Campus Software Service, Goodie Domain Service, Platform Support S.</DD>
  
  <DT><A HREF="http://www.v-site.net/">Virtual Sites</A></DT>
    <DD>A sense of Place in Cyberspace </DD>
  
  <DT><A HREF="http://www.vrx.net/">VRx Network Services INC.</A></DT>
    <DD>Internet Solutions Provider in Toronto, CANADA</DD>
  
  <A NAME="whook"></A>
  <P><DT><STRONG>W...</STRONG></DT>
  
  <DT><A HREF="http://www.law.washington.edu/">The University of Washington School of Law</A></DT>
    <DD>Linux-based Apache server since 0.6.2...</DD>
  
  <DT><A HREF="http://www.wadesign.co.uk/">WebArt Design</A></DT>
    <DD>Providing Internet and Web solutions to business. Located in the UK</DD>
  
  <DT><A HREF="http://www.webpub.com/">Web Publishers</A></DT>
    <DD>A Commercial Web Service Provider specializing in high-end clients.</DD>
  
  <DT><A HREF="http://websmith.ca/">The WebSmith Group</A></DT>
   <DD>Web site hosting and authoring, located in Ottawa, Ontario</DD>
  
  <DT><A HREF="http://www.win-uk.net/">WinNET Communications Ltd</A></DT>
    <DD>Internet Provider in the UK</DD>
  
  <DT><A HREF="http://wwns.com/wwns/">World Wide Network Services</A><DT>
    <DD>An Internet Presence Provider.  "Creating Your Image For The World" </DD>
  
  <A NAME="xhook"></A>
  <P><DT><STRONG>X...</STRONG></DT>
  <DT><A HREF="http://www.xensei.com/">Xensei</A></DT>
    <DD>The Xensei Corp.  Webmasters/ISP who love Apache.</DD>
  
  <A NAME="yhook"></A>
  
  <A NAME="zhook"></A>
  <P><DT><STRONG>Z...</STRONG></DT>
  
  <DT><A HREF="http://www.zycad.com/">Zycad</A></DT>
    <DD>Suppliers of EDA acceleration products</DD>
  
  <DT><A HREF="http://www.zyzzyva.com/">Zyzzyva Enterprises</A></DT>
    <DD>Commercial Web Development Services</DD>
  
  </DL>
  
  
  <HR><P>
  <STRONG>
  <A HREF="#ahook">A</A> | <A HREF="#bhook">B</A> | <A HREF="#chook">C</A> | <A HREF="#dhook">D</A> | <A HREF="#ehook">E</A> | <A HREF="#fhook">F</A> | <A HREF="#ghook">G</A> | <A HREF="#hhook">H</A> | <A HREF="#ihook">I</A> | <A HREF="#jhook">J</A> | <A HREF="#khook">K</A> | <A HREF="#lhook">L</A> | <A HREF="#mhook">M</A> | <A HREF="#nhook">N</A> | <A HREF="#ohook">O</A> | <A HREF="#phook">P</A> | <A HREF="#qhook">Q</A> | <A HREF="#rhook">R</A> | <A HREF="#shook">S</A> | <A HREF="#thook">T</A> | <A HREF="#uhook">U</A> | <A HREF="#vhook">V</A> | <A HREF="#whook">W</A> | <A HREF="#xhook">X</A> | <A HREF="#yhook">Y</A> | <A HREF="#zhook">Z</A>
  </STRONG>
  <P><HR>
  
  <P>Send additions to <A HREF="mailto:running-apache@zyzzyva.com">running-apache@zyzzyva.com</A>,
  in the form of HTML &lt;DT&gt; and &lt;DD&gt; entries, e.g.
  
  <PRE>
  &lt;DT&gt;&lt;A HREF="http://www.apache.org/"&gt;The Apache Project&lt;/A&gt;&lt;/DT&gt;
    &lt;DD&gt;The developers trust it  :-)&lt;/DD&gt;
  </PRE>
  
  <P>Any description over 80 characters will be truncated.</P>
  
  <P>See <A HREF="http://www.netcraft.com/Survey">http://www.netcraft.com/Survey</A> for Netcraft's survey of Apache (and other servers) usage.</P>
  
  <HR>
  <P><STRONG>Disclaimer</STRONG>: just because these sites run Apache, doesn't 
  imply they offer good services, or that the Apache Project associates
  themsleves with the companies/organizations we list.</P>
  
  <HR>
  
  <P>Help spread the word... feel free to use the "Powered by Apache" logo (below) on your pages.</P>
  
  <P ALIGN="CENTER"><A HREF="../images/apache_pb.gif"><IMG BORDER=0
  SRC="../images/apache_pb.gif" ALT="Powered by Apache" WIDTH="259" HEIGHT="32"></A>
  </P>
  
  <HR>
  
  <P ALIGN="CENTER">
  <A HREF="/"><IMG SRC="../images/apache_home.gif" ALT="Home"></A>
  </P>
  
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/how-to-mirror.html
  
  Index: how-to-mirror.html
  ===================================================================
  <HTML>
  <HEAD>
  <TITLE>How to Become a Mirror of the Apache Web Site</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG SRC="../images/apache_sub.gif" ALT="[APACHE DOCUMENTATION]">
  </DIV>
  
  <H1 ALIGN="CENTER">How to Become a Mirror of the Apache Web Site</H1>
  
  Apache has over 150 different mirror sites around the world.  If you
  are in a part of the world which seems poory served by any existing
  mirror, we would encourage you to set up a local mirror of the
  www.apache.org web site for you and others in your part of the world to
  use.  So that others may find it, we'll list it on our "mirrors" web
  page, too.
  
  <H2>Requirements</H2>
  
  We have a few requirements for those wishing to run a mirror:
  
  <UL>
    <LI>You must carry the complete site, with no "local" changes.
    <LI>You must do an update-check at least twice a week.
    <LI>You must subscribe to the mailing list for mirror maintainers.
    <LI>Set the configuration <CODE>DocumentIndex index.html</CODE>.
    <LI>Enable server-side includes, i.e. <CODE>Options Includes</CODE> or
        <CODE>Options IncludesNoExec</CODE>.
  </UL>
  
  Note that the site, as of this writing (June 2000) is approximately 360
  megabytes.
  
  <P>
  
  More requirements may be placed at some point in the future, but for
  now that's all there is.  There are a couple things which are highly
  recommended:
  
  <UL>
    <LI>Run your mirroring software between midnight and 4am Pacific Standard Time
        (8am-noon GMT) when traffic to www.apache.org is at its lowest.
    <LI>Consider also making the "dist" subdirectory. 
  </UL>
  
  <H2>Mirroring Techniques</H2>
  
  There are a couple different ways to mirror the Apache web site.  Here
  is the list of ways we make available, in order of decreasing preference:
  
  <OL> 
  
  <LI>Use Rsync.  Rsync is similar to cvsup, but (in theory) more widely
  ported, and uses hashes rather than CVS versions to watch for
  differences.  You can find details on rsync at <A
  HREF="http://rsync.samba.org/"> http://rsync.samba.org/</A>.  You
  might want to call it using the following arguments, for example:
  
  <P><UL><CODE>rsync -rtlzv --delete --exclude incoming
  dev.apache.org::apache-site /local/path/to/mirror</CODE></UL>
  
  <P>You can also just do a <CODE>rsync dev.apache.org::</CODE> to get a
  list of rsync modules available.
  
  <P>
  
  <LI>Use the "CVSup" package.  This is a package which uses the
  versioning scheme in CVS to determine exactly which parts of which
  files changed between accesses, and is thus by far the most efficient
  mechanism for transferring files.  The best place to find out more
  about CVSup is at the CVSup FAQ, at <A
  HREF="http://www.polstra.com/projects/freeware/CVSup/faq.html">
  http://www.polstra.com/projects/freeware/CVSup/faq.html</A>.  There
  are binaries for Linux, *BSD, Solaris, SunOS, Alpha/OSF-1, HPPA-10.20,
  and Irix 6.
  
  <P>After you've set up the client binary, use the following as a "supfile":
  
  <BLOCKQUOTE><PRE>
  *default host=dev.apache.org
  *default base=(wherever you want)
  *default prefix=(wherever you want)
  *default release=cvs
  apache-fullsite
  </BLOCKQUOTE></PRE>
  
  <P>
  
  Of course, you can also fetch the Apache 1.2 and 1.3 CVS trees
  (<CODE>apache-1.2</CODE> or <CODE>apache-1.3</CODE>), just the docs
  for each of those (<CODE>apache-1.2-docs</CODE> or
  <CODE>apache-1.3-docs</CODE>), the binary distributions
  (<CODE>apache-dist</CODE>) and even the mod_perl CVS tree
  (<CODE>modperl</CODE>).  
  
  <P>
  
  <LI>Use the <A
  HREF="http://www.apache.org/docs/mod/mod_proxy.html">proxy module</A>
  in Apache to "pass-through" requests to the central Apache web site.
  Set up the following in the configuration for your mirror:
  
  <PRE>
  ProxyPass / http://www.apache.org/
  CacheDefaultExpire 24
  </PRE>
  
  Every request which then comes into this server will be passed along
  to www.apache.org, unless the object is already in your local cache
  and is less than 24 hours old.
  
  </OL>
  
  We do not recommend the use of Web spiders, or HTTP equivalents to the
  "mirror.pl" package, as every object needs to get a HEAD request every
  time it is checked, which is a very inefficient mechanism for seeing
  what's been updated on an entire site.
  
  <p>
  
  It is not possible to mirror via ftp. The other methods are also far
  more efficient so you will be pleased after setting them up.
  
  <H2>Inform us!</H2>
  
  Once the site is set up, send mail to <A
  HREF="mailto:mirror-submit@apache.org">mirror-submit@apache.org</A> to let us know
  it's been set up, and we'll add it to the list of mirrors.  Please be
  patient if it takes a little while to respond.
  
  <P>
  
  The mailing list for mirror maintainers can be joined by sending mail
  to "mirrors-subscribe@apache.org". 
  
  <P>
  
  Good luck!
  
  </BODY></HTML>
  
  
  
  
  1.1                  httpd-site/xdocs/info/in_the_news.xml
  
  Index: in_the_news.xml
  ===================================================================
  <?xml version="1.0"?>
  <?xml-stylesheet href="http://www.apacheweek.com/inthenews/inthenews.apache.org.xsl" type="text/xsl"?>
  
  <!-- 
      *** Data for Apache "in the news" pages.  Collected from the old in_the_news
      *** page together with news articles run in Apache Week.  Order in this file
      *** doesn't matter, but the "date" field should be present (6 or 8 digits)
      ***
      *** mjc@apache.org,mjc@redhat.com March 2001
  -->
  
  <news>
  <item>
  <title>Brian Behlendorf: Apache co-founder talks about open source</title>
   <publication>InfoWorld.com</publication>
   <url>http://www.infoworld.com/articles/hn/xml/00/11/17/001117hnapache.xml</url>
   <date>20001117</date>
   <quote>"the fact that we don't have a multibillion-dollar marketing organization means that, sure, Microsoft is going to be able to claim
                            things or do things that we can't, but that hasn't hurt us so far." </quote>
  </item>
  
  <item>
   <title>Apache founders hit Vegas in search of cash</title>
   <url>http://www.infoworld.com/articles/hn/xml/00/11/13/001113hnapache.xml</url>
   <publication>InfoWorld.com</publication>
   <date>20001113</date>
  <quote>"Behlendorf said the ASF may need to look for a little cash to keep up with the demands that developing the leading Web server requires"</quote>
  </item>
  
  <item>
   <title>Report from ApacheCon Europe 2000</title>
   <publication>Apache Week</publication>
   <url>http://www.apacheweek.com/features/apachecon2000eu</url>
   <date>20001103</date>
   <quote>"
  As in all conferences, there were various technical glitches when presentation laptops froze and batteries ran out, some
  inexperienced speakers, and not enough seats but these were all minor issues considering the excellent detailed technical
  knowledge that was imparted by the speakers."</quote>
  </item>
  
  <item>
   <title>Apache Guide: ApacheCon Europe</title>
   <publication>Apache Today</publication>
   <url>http://apachetoday.com/news_story.php3?ltsn=2000-10-30-002-01-NW-CY-LF</url>
   <date>20001030</date>
   <quote>"Last week, I was in London for ApacheCon 2000. In a break from my usual subjects,
                        this will be a brief overview of the conference, touching on the highlights and some of
                        the things that were talked about there."</quote>
  </item>
  
  <item>
   <title>Tips on pitching Apache to the big wigs</title>
   <url>http://www.nwfusion.com/news/2000/1026apacheadvice.html</url>
   <publication>NetworkWorldFusion</publication>
   <date>20001026</date>
   <quote>
  "Apache cares about trademarks and it's helped us maintain a pretty good
  product," Behlendorf said. 
   </quote>
  </item>
  
  <item>
   <title>IBM pitches its open source side</title>
   <url>http://www.nwfusion.com/news/2000/1025ibmopen.html</url>
   <publication>NetworkWorldFusion</publication>
   <date>20001025</date>
   <quote>
  "IBM Tuesday set out its open source agenda at ApacheCon
                     Europe 2000. The message seemed to boil down to the notion
                     that in a networked world, open source is good and IBM not only
                     knows that but embraces the open-source programming
                     community."</quote>
  </item>
  
  <item>
   <title>Sun says Java moving towards full
                     open source</title>
   <url>http://www.nwfusion.com/news/2000/1024javasource.html</url>
   <publication>NetworkWorldFusion</publication>
   <date>20001024</date>
   <quote>"Sun is moving toward making its Java technology fully open
                     source, a company executive said Tuesday, addressing an
                     audience of programmers here at the ApacheCon Europe 2000."
  </quote>
  </item>
  
  <item>
   <title>The 10 Most Important Products of the Decade</title>
   <publication>Network Computing</publication>
   <date>200010</date>
   <quote>"...Apache Web Server earns its place for changing the rules on the server side. The future of Apache hinges on its ability to function as
        an e-commerce server. If the past five years are any indication, Apache Web Server will deliver the whole shopping cart--and
        probably sooner than its competitors do." </quote>
  </item>
  
  <item>
   <title>E-business innovators</title>
   <publication>InfoWorld</publication>
   <date>200010</date>
   <quote>"By general acclaim, it has done more to stimulate Web development -- and therefore e-commerce -- than any other Web-based
        server." </quote>
  </item>
  
  <item>
   <title>Dynamics of the Apache XML Project</title>
   <url>http://weblogs.oreillynet.com/edd/discuss/msgReader$88</url>
   <publication>Edd Dumbill's Weblog (O'Reilly)	</publication>
   <date>20000710</date>
   <quote>
  "IBM and Lotus in particular are responsible for the XML parser, Xerces, and the XSLT processor, Xalan. Sun also play a significant part in Apache's Java projects. Though nobody has suggested that Apache is in any way in the sway of these organizations as a consequence of their donations, it seems inevitable that the corporate and hacker cultures may well clash. This weekend seems a good example of this."
   </quote> 
   <comment>
  Edd Dumbill, editor of XML.com, writes about the "Dynamics of the Apache Group" in his Weblog. The focus of the article is on news that the Apache XML project could create another parser and looks at the the internal dynamics of the group members and some of the conflicts.
   </comment>
  </item>
  
  <item>
   <title>AOLserver faster than Apache?</title>
   <url>http://weblogs.userland.com/qube/2000/06/26</url>
   <publication>Qube Corner</publication>
   <date>20000626</date>
  <comment>
  Qube Quorner reveal that Apache 1.3.12 comes second to AOLserver 3.0 in terms of requests/second and transfer speeds. Benchmarks do not give a true picture of the speed of a web server, since they provide an environment unlike the real use of the software. Commercial software is often tuned to perform well in benchmarks, so a good performance simply indicates that the software works well for that benchmark, not that it has good real-world performance. 
   </comment>
  </item>
  
  <item>
   <title>US Toyota and Lexus dealers adopt Apache technology</title>
   <url>http://www.newsalert.com/bin/story?StoryId=Cou7SqbKbytaYndK&amp;FQ=Apache&amp;Nav=na-search-&amp;StoryTitle=Apache</url>
   <publication>News Alert</publication>
   <date>20000620</date>
   <comment>
  Over the last week, there have been a large number of stories about Internet Appliances for both home and business use. An increasing number of these units are now being run on open source platforms such as Linux. Dell have announced that Toyota in the US are to be equipped with Dell PowerApp.web servers to provide customised content to their dealer network. 
   </comment>
  </item>
  
  <item>
   <title>Brian Behlendorf on the Apache name</title>
   <url>http://www.linux-mag.com/2000-04/behlendorf_01.html</url>
   <publication>Linux Magazine</publication>
   <date>200004</date>
   <quote>
  "While there would still be a World Wide Web without the Apache Web server, pundits have suggested that it would belong to Microsoft. Since drawing up the plan for the Apache project in 1993, Apache Software Foundation President Brian Behlendorf has helped lead the volunteer development team that proved that you can take on Microsoft and win -- just so long as you change the rules."
   </quote> 
   <comment>
  Linux magazine have an interview with Brian Behlendorf, one of the initial Apache group founders. In addition to talking about the founding and sucess of Apache, Brian explains that the Apache name never meant "A patchy server", instead it "just sort of connoted: 'Take no prisoners. Be kind of aggressive and kick some ass.'" 
   </comment>
  </item>
  
  <item>
   <title>IBM donates Net communications technology </title>
   <url>http://news.cnet.com/news/0-1003-200-1993071.html?tag=st.ne.1002.thed.ni</url>
   <publication>C|Net News.com</publication>
   <date>20000601</date>
   <quote>
  "We want to move at Internet speed and respond to the needs of the developer community by making it available to the open-source community," said Marie Wieck, IBM's director of e-markets infrastructure. "It's valuable to further adoption." 
   </quote> 
   <comment>
  As reported by C|Net, the Apache Software Foundation has received technology from IBM which will help developers create services using an open, vendor-neutral process. IBM's Java-built Simple Object Access Protocol (SOAP) will be contributed to the open source Apache XML project. The system provides a simple method of using XML to send message and access web services across distributed networks. 
   </comment>
  </item>
  
  <item>
   <title>Apache Software Foundation join Java commmittee</title>
   <url>http://www.cnetinvestor.com/newsitem-investor.asp?symbol=89538820&amp;Ticker=AAPL</url>
   <publication>CNet Investor</publication>
   <date>20000601</date>
   <quote>
  "As is evident by the depth, diversity and strength of the JCP program's Executive Committee members, the future of Java technology specifications is in capable and caring hands," said George Paolini, vice president of Java Community Development at Sun Microsystems, Inc.
   </quote> 
  <comment>
  CNet Investor reported that Sun Microsystems have set up two executive committees to oversee their Java Community Process(SM) community-based Java technology development programmes. The first committee will oversee the Java technologies for the desktop/server space and the other will oversee the Java technologies for the consumer/embedded space. 
   </comment>
  </item>
  
  <item>
   <title>Red Hat Leads The Way To IA-64 Itanium Linux</title>
   <url>http://www.zdnet.com/sp/stories/news/0,4538,2571379,00.html</url>
   <publication>ZD Net</publication>
   <date>20000518</date>
   <quote>
  "On May 17, Red Hat Inc. released an alpha version of a complete IA-64 Linux distribution to developers. This edition, built within the Trillian Project, is the first alpha public code release of a full IA-64 Linux from kernel to drivers to such popular applications as Apache."
   </quote> 
  <comment>
  Red Hat Inc. this week released public alpha code of a full version of Linux for Intel's new IA-64 Itanium processor. The release of the software combined with the release of Intel's "Itanium Processor Microarchitecture Reference" gives developers access to all the information they need to start working on Itanium development. 
   </comment>
  </item>
  
  <item>
   <title>April Web Server Survey</title>
   <url>http://www.securityspace.com/s_survey/data/index.html</url>
   <publication>SecuritySpace.com</publication>
   <date>20000501</date>
   <quote>
  "The Apache module report documents the market share of Apache, internet's most popular web server, for a variety of add-on modules. Since most add on modules modify the web server "signature" that is returned on each web page, we are able to see who's using PHP, perl, SSL mods, language converters, language mods, etc."
   </quote> 
  <comment>
  If you are a regular reader of Apache Week you'll know that Apache has been the top web server in all the probe-based web surveys for some time, now with over 60% market share. The April survey from E-Soft also gives some other interesting statistics for modules in use; the most popular being the PHP scripting language in use on 29% of Apache sites. 
   </comment>
  </item>
  
  <item>
   <title>Picking The Right Web Server Is Key</title>
   <url>http://www.zdnet.com/products/stories/reviews/0,4161,2562342,00.html</url>
   <publication>ZDNet</publication>
   <date>20000504</date>
   <quote>
  "There are other compelling reasons to choose Linux/Apache. For one thing, you'll never find a back door, as with the recent IIS debacle, in open-source code. And it's getting so easy to install that the hardcore Linux gurus are grumbling about dumbing down."
   </quote> 
  <comment>
  ZDNet examine web server platforms in their article, "Picking the Right Server is Key". They compare Windows 2000 Advanced Server, Netware 5.1, Red Hat Linux using Apache, Solaris using iPlanet, and Solaris using Apache. 
   </comment>
  </item>
  
  <item>
   <title>Scripting News / Manila</title>
   <url>http://scriptingnews.userland.com/backissues/2000/04/24</url>
   <publication>Userland</publication>
   <date>20000424</date>
   <quote>
  "Apache is like MS-DOS. Lots of people use it, we do too. But where's the Lotus 1-2-3? Apache is boring! Where's the revolution for writers and thinkers?"
   </quote> 
  <comment>
  UserLand hosts an interesting open forum about commercial software, which originally started as an email discussion between Dave Winer and Brian Behlendorf. In Dave's own comments he picks out some of the discussion and his own point of view, accusing Apache of being boring. 
   </comment>
  </item>
  
  <item>
   <title>VNU Net: Apache Server Commentary [Book Review]</title>
   <url>http://linuxtoday.com/stories/20558.html</url>
   <publication>Linux Today</publication>
   <date>20000421</date>
   <quote>
  "This is one in a series of books which sets out to give an insight into the various Open Source products currently on the market. It is aimed at those who either want to write extension modules to Apache or customise the underlying code.  In fact, Apache Server Commentary appears to be little more than a reference guide for those who already understand the concept of Apache and just want help on specific modules. It certainly isn't the architectural document I was expecting."
   </quote> 
  <comment>
  A short review of the new book "Apache Server Commentary" is available. The book is aimed at developers and contains source code listings of the Apache server. 
   </comment>
  </item>
  
  <item>
   <title>A Conversation With the Man Behind the Animal Books</title>
   <url>http://www.linux-mag.com/2000-02/oreilly_01.html</url>
   <publication>Linux Magazine</publication>
   <date>200004</date>
   <quote>
  "I think Apache plays an enormously important role here. Because it has dominant market share, it keeps the Internet open. I think it's more important for Apache to have dominant market share than for Linux. If Linux is dominant too, that's better, but I'd hate to see us lose Apache. That's a really important battleground."
   </quote> 
  <comment>
  The article discusses the evolving open source industry and pays particular attention to Apache. 
   </comment>
  </item>
  
  <item>
   <title>Open Source Moves To The Mainstream</title>
   <url>http://www.informationweek.com/781/open.htm</url>
   <publication>InformationWeek.com</publication>
   <date>20000410</date>
   <quote>
  "One of the leading open-source success stories is the Apache Web server, which for many sites is the backbone of Web applications. Apache is a flagship open-source project, continually developed by a self-selected group of coordinated volunteer programmers. It costs nothing to use. As of March, Apache is deployed on more than 7.8 million domains, or some 60% of Internet Web sites."
   </quote> 
  <comment>
  The article discusses the secure server survey from e-soft which shows Apache with 63% market share but notes that the "battle over E-commerce territory has been a little more difficult for open source, perhaps an indication that security-minded companies prefer to use commercial products". 
   </comment>
  </item>
  
  <item>
   <title>The Netware Version Of Apache</title>
   <url>http://www.nwfusion.com/newsletters/netware/0313nw2.html</url>
   <publication>NetWorldFusion</publication>
   <date>20000313</date>
   <quote>
  "The NetWare version of Apache 1.3 is still in the "experimental" stage, and it (so far) only runs on NetWare 5 or 5.1. Nevertheless, if you support a major Web site and ... if you want to take advantage of the hundreds of Web server applications available (also for free) for Apache - it would be worth your effort to download and test the new Apache in your environment."
   </quote> 
  <comment>
  The NetWare version of Apache is examined in a Network World Fusion Newsletter. Over the past few years Novell have shipped a couple of different Web servers with NetWare, but now Apache is available for this system. 
   </comment>
  </item>
  
  <item>
   <title>Elliptic Curve Discrete Logarithms: ECC2K-108 - SOLVED!</title>
   <url>http://cristal.inria.fr/~harley/ecdl7/readMe.html</url>
   <publication>INRIA</publication>
   <date>20000404</date>
   <quote>
  "The biggest public-key crypto crack ever has just finished! Certicom have confirmed that the solution is correct."
   </quote> 
  <comment>
  Apache Week reported in issue 180 on the attempt to solve the Elliptic Curve Challenge from Certicom. The solution was found at the end of March, and the Apache Software Foundation will receive a donation of US$8000 from the prize. 
   </comment>
  </item>
  
  <item>
   <title>Solaris 8 weds reliability to must-have upgrades</title>
   <url>http://www.zdnet.com/eweek/stories/general/0,11011,2470275,00.html</url>
   <publication>ZD Net - EWeek</publication>
   <date>20000320</date>
   <quote>
  "Apache Web server is also bundled with Solaris 8, but neither PC Week Labs nor Sun recommends its use in high-transaction environments."
   </quote> 
  <comment>
  PC Week mention Apache being bundled with Solaris in Solaris 8 weds reliability to must-have upgrades. 
   </comment>
  </item>
  
  <item>
   <title>Reflections On ApacheCon 2000</title>
   <url>http://slashdot.org/apache/00/03/18/1141205.shtml</url>
   <publication>Slashdot</publication>
   <date>20000318</date>
   <quote>
  "It's been a week now since ApacheCon 2000 ended. There's been some discussion over the events, with the release of Apache 2.0a being the main topic of conversation. But AC2K was more than just the venue that 2.0a was announced. It was an important and noteworthy conference in it's own right."
   </quote> 
  <comment>
  ASF member Jim Jagielski gives his personal opinion of ApacheCon 2000 in "Reflections on ApacheCon 2000". 
   </comment>
  </item>
  
  <item>
   <title>Report from ApacheCon 2000</title>
   <url>http://www.apacheweek.com/features/apachecon2000</url>
   <publication>Apache Week</publication>
   <date>20000310</date>
   <quote>"
  In total, just
                            over 1000 people attended the conference and this included a large number of Apache Software Foundation members.
                            At the very first session of the conference, the opening plenary, the previous record for the most Apache developers in
                            the same place at the same time was broken."</quote>
  </item>
  
  <item>
   <title>The Buzz At Apache Conference: World Domination</title>
   <url>http://opensourceit.earthweb.com/news/031300_apachecon.html</url>
   <publication>Open Source IT</publication>
   <date>200003</date>
   <quote>
  "More than 1,000 Apache developers and users gathered at ApacheCon 2000 in Orlando last week to discuss -- among other things -- the progress the Apache Web server is making towards World Domination."
   </quote> 
  <comment>
  ApacheCon 2000 is still in the news as Open Source IT reports on ApacheCon 2000 in "The Buzz at Apache Conference: World Domination". 
   </comment>
  </item>
  
  <item>
   <title>ApacheCon 2000: Day One, Day Two, DayThree</title>
   <url>http://web.oreilly.com/news/apachecon_day1.html</url>
   <publication>O'Reilly</publication>
   <date>200003</date>
   <quote>
  "The conference is being held at the Caribe Royale Resort Suites, which despite a strong conference turnout, is mainly inhabited by lots of parents and their young children, due to the proximity to Disney World."
   </quote> 
  <comment>
  O'Reilly published a detailed report on each day of the conference; Wednesday, Thursday, and Friday. 
   </comment>
  </item>
  
  <item>
   <title>ApacheCon 2000</title>
   <url>http://www.mlinux.org/events/acon2000/</url>
   <publication>Melbourne Linux Users Group Inc</publication>
   <date>20000310</date>
   <quote>
  "The ApacheCon show was very well done. The exhibit floor featured many cool companies and the keynote and PHP presentations I attended were very informative. Here are some pics of the event."
   </quote> 
  <comment>
  The Melbourne Linux Users Group posted a number of pictures from the conference. 
   </comment>
  </item>
  
  <item>
   <title>ApacheCon: Fuelling The Web Revolution</title>
   <url>http://www.linuxplanet.com/linuxplanet/reports/1580/1/</url>
   <publication>LinuxPlanet</publication>
   <date>200003</date>
   <quote>
  "ApacheCon is the yearly convention dedicated to Apache and Apache products. There are over 1,000 visitors this year, and the show creators were sitting around saying things to me like, "Wow, this is going so mainstream so fast." God, I hope so. It'd be a terrible thing for something that has captured 60 percent of the Internet Web-server market share to not be mainstream."
   </quote> 
  <comment>
  The article gives a brief overview of the conference and highlights one of the popular talks on open source from IBM.
   </comment>
  </item>
  
  <item>
   <title>A Patchy Start: Apache's Strong</title>
   <url>http://www.wired.com/news/business/0,1367,34302,00.html</url>
   <publication>Wired.com News</publication>
   <date>20000214</date>
   <quote>
  "Apache is the Web's most widely used and -- outside of the Nerd Zone -- its most unknown application. 
  It has achieved dominance in a crucial market that Microsoft and Netscape have struggled mightily to conquer. Both companies have invested massive amounts of money and programming skills into server software programs -- and yet it's Apache, a freeware application, that is installed on just over half of all publicly accessible Web servers."
   </quote> 
  <comment>
  The article examines why Apache is not as well known as other projects such as Linux and finds that the companies providing support and services based on Apache are not as visible. 
   </comment>
  </item>
  </news>
  
  
  
  1.1                  httpd-site/xdocs/info/in_the_news_1997.html
  
  Index: in_the_news_1997.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
  <HTML><HEAD>
  <TITLE>Apache in the News</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  
  <IMG SRC="../images/apache_sub.gif" ALT="">
  <H2>Apache in the News: 1996, 1997</H2>
  Apache has featured in a large number of reviews and articles.  
  This page lists just some
  of the stories that appeared on-line up to the end of 1997.  It is likely
  that the links to some of these stories may no longer be available.
  <p>
  Apache in the News: <a href="../in_the_news.html">2001,2000</a> |
                      <a href="in_the_news_1999.html">1999,1998</a> |
                      1997,1996
  <HR>
  
  <P>
  <STRONG>Internet World Daily, 24 Dec 1997</STRONG>
  <A name="http://www.internetworld.com/reviews/1997/12/2401-apache.html">
  <STRONG><CITE>At Last: Apache Runs on Windows</CITE></STRONG></A> 
  (no longer available)
  <BR>
  <BLOCKQUOTE>
   <EM>
    "There's no secret why Apache is the most popular Web server on the
    Internet, running on almost 50 percent of all Web servers: It rarely
    crashes and, once set up, Apache doesn't require much in the way of
    maintenance. Plus, the price is right: it's free."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>San Jose Mercury News, December 12th 1997</STRONG>
  <A HREF="http://www1.sjmercury.com/columnists/gillmor/docs/dg121297.htm">
  <STRONG><CITE>There's money to be made in freeware</CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
    "If some cosmic force caused all of the free software at work on
    today's Internet to suddenly stop running, major portions of the Net
    would come to a grinding halt -- because free software, sometimes
    called freeware, is at the heart of the action."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>BYTE Magazine, December 1997 issue</STRONG>
  <A HREF="http://www.byte.com/art/9712/sec8/art1.htm">
  <STRONG><CITE>The Value of Free Software</CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
    "The Apache project runs differently than most freeware
    projects. Perl, for example, continues to evolve under the watchful
    eye of its creator, Larry Wall. Likewise, Linux does the same under
    Linus Torvalds. But Apache is governed by 13 co-equal developers who
    share permission to commit changes to the Apache source tree."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>C|Net, Nov. 25th 1997</STRONG>
  <A HREF="http://builder.cnet.com/Business/Paul/112597/">
  <STRONG><CITE>Top Ten Things to be Thankful For, #10</CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
    "The Apache Group and the free Apache HTTP server stand
    as an appealing throwback to the early, less-commercial,
    days of the Net when things seemed to be done for love,
    not for money. Free and open standards supported and
    maintained by the people who use them are still a good
    thing for the Web. And, hey, Apache is a damn fine server,
    too."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>Salon Magazine, 20 November 1997</STRONG>
  <A HREF="http://www.salonmagazine.com/21st/feature/1997/11/cov_20feature.html">
  <STRONG><CITE>Apache's Free Software Warriors</CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
    "A red feather resting against the words "Powered by Apache": On the
    Web, the logo is everywhere. And for good reason -- the Apache Web
    server, a piece of software that transforms ordinary computers into
    sites on the World Wide Web, is by far the most popular choice for
    Webmasters everywhere."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>InternetWeek, 13 October 1997</STRONG>
  <A HREF="http://techweb.cmp.com/internetwk/reviews/rev1013.htm">
  <STRONG><CITE>Unix Web Servers: Unhyped But Not Forgotten </CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
   "Apache excels as a well-designed, flexible server. As your needs
   grow, you will find that the Apache development team has probably
   anticipated your growth and already implemented the features you
   need."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>Net Insider, 30 September 1997</STRONG>
  <A HREF="http://www.techweb.com/internet/news/features/1997/09/webserver1.html">
  <STRONG><CITE>Apache Dominates Web Server Market</CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
   "Although Microsoft and Netscape
    have spent a lot of marketing muscle promoting their browsers
    and servers, ... Apache ... is far more popular on today's
    Internet than products from either vendor."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>ZDNet, Jesse Berst's Anchordesk, 26 September 1997</STRONG>
  <A HREF="http://www.zdnet.com/anchordesk/story/story_1284.html">
  <STRONG><CITE>The World's Cheapest Web Server. The World's Most Popular Web
  Server. (Psst!  It's the Same One!)</CITE></STRONG></A>
  <BR>
  <BLOCKQUOTE>
   <EM>
   "Apache's main draw isn't that it's free. Discerning Webmasters choose
   Apache for these three reasons: flexibility, scalability, [and]
   cutting edge features."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>The New York CyberTimes "<SAMP>undeveloped</SAMP>", 13
  August 1997:</STRONG>
  <A
   HREF="http://www.nytimes.com/library/cyber/under/081397under-tacy.html"
  ><STRONG><CITE>Maligning Free Software Is a Growing Web
   Tradition</CITE></STRONG></A>
  (login required)
  <BR>
  <BLOCKQUOTE>
   <EM>
   "While people can argue the merits of Perl forever, you aren't going to
   get a lot of people claiming that Apache is an inferior product."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>IEEE Internet Computing, July-August 1997:</STRONG>
  <A
   HREF="http://pascal.computer.org/ic/books/ic1997/pdf/w4088.pdf"
  ><STRONG><CITE>Collaborative Work: The Apache HTTPD Server
   Project</CITE></STRONG></A> 
  (Acrobat PDF file)
  <br>restricted to IEEE Computer Society members with a valid E-Account.
  <BR>
  <BLOCKQUOTE>
   <EM>
   "The Apache HTTP Server Project ...
   collaborative software development effort has created
   a robust, feature-rich HTTP server software package that
   currently dominates the public Internet market..."
   </EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>La Nacion</CITE>, 1 July 1997:
   "<A HREF="http://www.lanacion.com/suples/infor/00notas/05-apache/nota.htm"
    >apache! con el calor del viejo esp&iacute;ritu</A>"
  </STRONG>
  (Spanish)
  </P>
  <BLOCKQUOTE>
   <EM>"la historia del servidor m&aacute;s popular de Internet"</EM>
  </BLOCKQUOTE>
  
  <P><STRONG>Wired, June 28th 1997:
  <A HREF="http://www.wired.com/news/news/wiredview/story/4753.html">Software Wants to Be Free</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "It's no secret that Apache is the most powerful, the most flexible, and the best Web-server software on the market."</EM></BLOCKQUOTE>
  
  <P><STRONG>
  <A HREF="http://www8.zdnet.com/pcweek/news/0609/09apache.html">
  PC Week, June 9th 1997, "Fort Apache"</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "`The whole motivation was to fix some bugs in NCSA,' said Brian
  Behlendorf, an Apache coordinator and chief technology officer at
  Organic Online, in San Francisco. `We just found each other over
  the Internet.'" 
  </EM></BLOCKQUOTE>
  
  <P><STRONG>Informationweek, June 2nd 1997: 
  <A HREF="http://www.techweb.com/se/directlink.cgi?IWK19970602S0051">
  Web servers -- Apache:Freely Successful --
  The Net's Web server shareware continues to gain popularity</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "The Apache Group has accomplished a feat that should make it the envy
  of commercial software developers everywhere. Without spending a cent on
  research, marketing, or advertising, this group of volunteer programmers
  created Apache-Web server software that may be the most widely used
  product on the Internet today."
  </EM></BLOCKQUOTE>
  
  <P><STRONG>WebWeek, March 17th, 1997: 
  <A HREF="http://www.internetworld.com/print/1997/03/17/infrastructure/blasts.html">
  New Web Server Blasts Pages Across the Net</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "HTTP/1.1 support improves web speed by two to eight times - Apache support
  for HTTP/1.1 complete."
  </EM></BLOCKQUOTE>
  
  <P><STRONG>PC Week, December 16th, 1996:
  <A HREF="http://www.zdnet.com/pcweek/sr/1216/16labs.html">
  The Net sires many of year's best products, technologies</A></STRONG>
  <BR><BLOCKQUOTE>
  Apache named in PC Week's Top Ten for 1996
  </BLOCKQUOTE>
  
  <P><STRONG>ix Multiuser Multitasking Magazin, Dezember 1996: 
  <A HREF="http://www.heise.de/ix/artikel/E/9612149/">
  Forwarded -- URL manipulation with Apache</A></STRONG>
  <BR><BLOCKQUOTE>
  A six page featuring article about the new URL rewriting module (mod_rewrite)
  which was contributed to Apache 1.2. Original article was written in german
  and published in the print version #12/96 of iX. The translated version was
  published on the Web, only.
  </BLOCKQUOTE>
  
  <P><STRONG>Interactive Week, November 11th 1996:
  <A HREF="http://www.zdnet.com/intweek/daily/a961111.html">
  Wagons Circle, But Apache Server Still Alive</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "Apache increases its lead throughout October". </EM>IW interviews several Apache
  users to find out why.
  </BLOCKQUOTE>
  
  <P><STRONG>Computer Currents, 2nd August 1996: 
  <A NAME="http://www.currents.net/newstoday/96/08/02/news.html">
  Apache Consolidates Lead In Web Server Market</A></STRONG><BR>(Text no longer available)
  <BR><BLOCKQUOTE><EM>
  The August survey of World Wide Web servers has found the number running the Apache software
  have continued to grow with the gap widening against the competition
  </EM></BLOCKQUOTE>
  
  <P><STRONG>C|Net, 1st August 1996: 
  <A HREF="http://www.news.com/News/Item/0,4,2009,00.html">
  Gates: Explorer will be huge</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "On the Web server side, however, Gates doesn't see Netscape as his
  chief competitor. `Apache [free Web server software distributed over
  the Net] is our biggest competitor. It's gaining share faster than
  Netscape.'"</EM></BLOCKQUOTE>
  
  <P><STRONG>Netscape World, July 1996:
  <A HREF="http://www.netscapeworld.com/netscapeworld/nw-07-1996/nw-07-apache.html">
  Apache on the warpath, NCSA getting scalped</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "Apache retains the lion's share of the server
  software market, and its numbers are growing as the NCSA server falls from favor."
  </EM></BLOCKQUOTE>
  
  <P><STRONG>Websmith, July 1996:
  <A HREF="http://www.ssc.com/websmith/issues/i4/ws57.html">
  How to hack your server</A></STRONG>
  <BR>
  <BLOCKQUOTE><EM>
  "Many times faster than CGI, the Apache API gives developers direct access to the server core. This is the first in a series of articles dealing with the Apache API."
  </EM></BLOCKQUOTE>
  
  <P><STRONG>C|Net, 6th June 1996:
  <A HREF="http://www.news.com/News/Item/0,4,1504,00.html">
  Netscape fixes Apache in its sights</A></STRONG>
  <BR>
  <BLOCKQUOTE><EM>
  "While Netscape Communications has by far the largest piece of the browser
  market, the company's Web server software lags well behind its freeware
  counterparts. Now, Netscape has started trying harder to figure out why."
  </EM></BLOCKQUOTE>
  
  <P><STRONG>WebWeek, 20th May 1996:
  <A HREF="http://www.internetworld.com/print/1996/05/20/products/apache.html">
  Apache Leads Web Server Pack</A></STRONG>
  <BR>
  <BLOCKQUOTE><EM>
  "Apache users are a fiercely loyal bunch who report that
  the development team behind Apache has done a great job in quickly
  adding features and addressing bugs in the platform."
  </EM></BLOCKQUOTE>
  
  <P><STRONG>SunWorld Online, May 1996:
  <A HREF="http://www.sun.com/sunworldonline/swol-05-1996/swol-05-webservers.html">
  What to Look for in a Web Server</A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "...if you're willing to invest a little time and want excellent support from
  the best minds in the industry, Apache is the clear winner. "
  </EM></BLOCKQUOTE>
  
  <P><STRONG>Apache Group, 4th April 1996:
  <A HREF="http://www.apache.org/press/04apr96.txt">
  Apache Group announces the world's most popular Webserver
  </A></STRONG>
  <BR><BLOCKQUOTE><EM>
  "The Apache Group today announced that their
  popular webserver, Apache, was found by the Netcraft Web Server Survey
  to be the most popular server on the Internet"
  </EM></BLOCKQUOTE>
  <P>
  
  
  <HR>
  
  </BODY></HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/in_the_news_1999.html
  
  Index: in_the_news_1999.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
   "http://www.w3.org/TR/REC-html40/loose.dtd">
  <HTML>
   <HEAD>
    <TITLE>Apache in the News</TITLE>
   </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  
  <IMG SRC="../images/apache_sub.gif" ALT="">
  <H2>Apache in the News: 1998, 1999</H2>
  <P>
  Since becoming the #1 Web server, Apache has featured in a number
  of reviews and articles.  
  This page lists just some
  of the stories that appeared on-line up to the end of 1999.  It is likely
  that the links to some of these stories may no longer be available.
  <P>
  Apache in the News: <a href="../in_the_news.html">2001,2000</a> |
                      1999,1998 |
                      <a href="in_the_news_1997.html">1997,1996</a>
  </P>
  <HR>
  <P>
  <STRONG>
    <CITE>CNN.com / IDG.net / LinuxWorld</CITE>, December 1999:
    "<A HREF="http://www.cnn.com/1999/TECH/computing/12/28/covalent.idg/index.html">
    Does Covalent have a recipe for open source success?</A>"
  </STRONG>
  <BLOCKQUOTE>
    <EM>"Today, [Covalent Technologies] is focused exclusively on
        providing support and products for the Apache server...  The goal will
        be an enterprise-level Apache solution that can compete successfully
        with Microsoft and Netscape for use by the largest ecommerce sites."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
    <CITE>CNN.com / IDG.net / The Industry Standard</CITE>, November 1999:
    "<A HREF="http://www.cnn.com/TECH/computing/9911/24/top10.hardware.tis.idg/index.html">
    10 companies that will make the Web grow </A>"
  </STRONG>
  <BLOCKQUOTE>
    <EM>"Expect the software to make significant inroads into
        enterprise, as IBM slowly meshes the software into its Web server
        and transforms its global consultants into Apache experts."</EM>
  </BLOCKQUOTE>
  
  
  <P>
  <STRONG>
    <CITE>Dr. Dobbs Journal</CITE>, September 1999: 
    "<A HREF="http://www.ddj.com/articles/1999/9909/9909o/9909o.htm">
    The Negotiator</A>"
  </STRONG>
  <BLOCKQUOTE>
    <EM>"The Apache Group earned the right to lead the way in
        server-side Java by proving to Sun and the rest of the world that
        volunteer programmers working together can deliver high-quality code
        on predetermined schedules."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
    <CITE>PC Magazine</CITE>, March 23, 1999 Issue:
    "<A HREF="http://www.zdnet.com/pcmag/features/opensource/390830.html">
    Apache Rules The Web</A>"
  </STRONG>
  <BLOCKQUOTE>
    <EM>"No program has done more to dispel the notion that open-source
         can't survive in the real world than the Web server Apache."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Apple Computer, Inc.</CITE>, January 5, 1999, Press Release:
   "<A HREF="http://www.apple.com/pr/library/1999/jan/05osxserver.html"
    >Apple Mac OS X Server Uses Apache</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Apple has chosen to include the Apache HTTP Server
        in their new Mac OS X Server OS."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>NewMedia</CITE>, January 1999, vol. 9.1, cover story:
   "<A HREF="http://newmedia.com/newmedia/99/01/feature/Set_Free.html"
    >Set Your Code Free</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"We use Apache because it's the best Web server
        currently available and we can customize it to suit our
        needs, again because the source code is there."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Forbes</CITE>, August 10 1998, cover story:
   "<A HREF="http://www.forbes.com/forbes/98/0810/6203094a.htm"
    >For the love of Hacking</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Apache knocked Netscape's closed-source Web
   server out of the running for the cornerstone
   of IBM's Web commerce package. "</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>IBM News</CITE>, 22 June 1998:
   "<A HREF="http://www.ibm.com/News/1998/06/223.phtml"
    >IBM ... Bundles leading-edge tools and technologies from
     Apache and NetObjects into IBM WebSphere Application Server</A>"
  </STRONG>
  <BLOCKQUOTE>
   <EM>"IBM will ship the Apache HTTP server with the IBM WebSphere Application
   Server, helping current Apache users to evolve to e-business solutions.
   As part of the WebSphere Application Server package, IBM will provide
   commercial, enterprise-level support for the Apache HTTP Server. In addition,
   IBM will be a full participant in the Apache HTTP Server Project,
   a collaborative development effort, and will make contributions to
   enhance the capabilities of the Apache HTTP Server."</EM>
  </BLOCKQUOTE>
  <P>
  Other press about this announcement:
  </P>
  <UL>
   <LI><A HREF="http://www.apache.org/press/22Jun98.html">Apache Group press release</A>
   </LI>
   <LI><CITE>The Industry Standard</CITE>:
       "<A HREF="http://www.thestandard.net/articles/article_display/0,1449,720,00.html?01"
        >IBM to Adopt Apache as Preferred E-commerce Web Server</A>"
   </LI>
   <LI><CITE>PC Week</CITE>:
       "<A HREF="http://www.zdnet.com/pcweek/news/0615/19mibm.html"
        >IBM backs freeware Apache in new app server</A>"
   </LI>
   <LI><CITE>Wired News</CITE>:
       "<A HREF="http://www.wired.com/news/news/business/story/13117.html"
        >IBM Picks Apache</A>"
   </LI>
   <LI>C|Net's <CITE>News.com</CITE>:
       "<A HREF="http://www.news.com/News/Item/0,4,23364,00.html?st.ne.fd.gif.f"
        >IBM fuels 'freeware' efforts</A>"
   </LI>
   <LI><CITE>Jesse Berst's AnchorDesk</CITE>:
       "<A HREF="http://www.zdnet.com/anchordesk/story/story_2240.html"
        >Freeware Gains Momentum with IBM Support</A>"
   </LI>
  </UL>
  
  
  <P>
  <STRONG>
   <CITE>Software Development</CITE>, June 1998:
   "Apache: An Open-Source Software Success Story,"
   by Warren Keuffel
  </STRONG>
  </P>
  
  <P>
  <STRONG>
   <CITE>Fast Company</CITE>, May 1998, Issue 14, page 38:
   "<A HREF="http://www.fastcompany.com/online/14/rftf.html"
    >The Best Things in Life Are Free</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Apache's real miracle is not so much its success in the software market
   as its magnetic draw in the talent market. No single company could hope
   to hire the diverse programming team that came together to create Apache.
   Even more amazingly, this global collection of brainpower received no
   compensation for its effort. Sure, the product is free. But so is the
   labor."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Performance Computing</CITE>, May 1998:
   "<A HREF="http://www.performancecomputing.com/columns/web/9805.shtml"
    >The Apache HTTP Server</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"it's no secret that an Apache-UNIX combination
   for a Web server yields the most in terms of performance
   and stability, since Apache servers are optimized for
   efficient Web transactions while simultaneously being
   more stable than the commercial Microsoft and Netscape
   offerings."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>WEBTechniques</CITE>, May 1998, Volume 3, Issue 5:
   "<A HREF="http://www.WebTechniques.com/features/1998/05/engelschall/engelschall.shtml"
    >Load Balancing Your Web Site</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   Article from Apache Group member 
   <A HREF="contributors/#rse">Ralf S. Engelschall</A>
   about two practical approaches for distributing HTTP traffic between websites:
   A DNS-based round-robin method and an Apache-based random-choice method. 
   <EM>"The Apache-based method presents a solution where a heavily
   stripped down Apache 1.3 webserver is configured as a reverse proxy in
   front of backend webservers via a tricky mod_rewrite/mod_proxy
   combination."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Network Magazine</CITE>, April 1998:
   "<A HREF="http://www.networkmagazine.com/magazine/archive/1998/04/9804poy.htm#Web_Server"
    >The 1998 Products of the Year</A>" (registration required)
  </STRONG>
  </P>
  <BLOCKQUOTE>
   Apache wins the 1998 product of the Year award in the "Web Server"
   category.
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>ZDNet</CITE>, April 1998:
   "<A HREF="http://www.zdnet.com/zdnn/content/inwk/0512/303374.html"
    >Web Servers: Offering More Services</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   A report on the divergence between embedded web servers and servers 
   for traditional operating systems.  It also covers the multiprocess versus 
   multithreaded issue for web servers:
   <EM>"Apache is an example of a
   multiprocess Web server. IIS from Microsoft
   and Enterprise Server from Netscape use a multithreaded
   approach."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>C|Net</CITE>, 9 Mar 1998:
   "<A HREF="http://www.cnet.com/Content/Reviews/Special/Iawards98/ss02.html"
    >C|Net Award for Internet Excellence goes to Apache</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Part of Apache's charm is that it costs nothing and that its source
   code is freely available for anyone to take and customize or
   extend. Of course, free wouldn't count for much if the software
   didn't work, but the Apache Project has built a stable, speedy Web
   server that runs on almost all flavors of Unix, OS/2, and even
   Windows."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Computer Currents</CITE>, 3 Mar 1998:
   "<A HREF="http://www.currents.net/magazine/national/1605/inet1605.html"
    >Intranet Explorer: Free Service</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"All in all, the latest releases of Apache are attractive solutions for
   anyone who wants to run a Web site. You get cross-platform support,
   adherence to the important standards, and a fast, powerful Web server
   that's easy to set up and maintain. And the price is right. If you're
   looking for a Web server, definitely take a look at Apache."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   C|Net's <CITE>BUILDER.COM</CITE>, 24 Feb 1998:
   "<A HREF="http://builder.cnet.com/Servers/NtWeb/ss05.html"
    >Running on NT: 5 Web servers compared - Apache 1.3b3</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Apache is the ultimate in minimalist server software. There's
   no fancy Windows- or HTML-based administration interface,
   just a few text configuration files that you edit in your
   favorite text editor. For people weaned on fancy GUIs, the
   text files take a bit of getting used to. After a while,
   though, you'll appreciate the absolute control they offer.
   With a GUI, you can never really be sure what's happening
   behind the scenes. With Apache you know, because you're
   the one editing all the configuration information by hand."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Wired News</CITE>, 9 Feb 1998:
   "<A HREF="http://www.wired.com/news/news/technology/story/10136.html"
    >Filename Bug Leaves Servers Open to Snoops</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Marc Slemko, a Canadian university student and
   member of the Apache Web Project, discovered the
   bug in January while testing the new Windows NT
   version of the Apache web server for potential
   security problems."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   C|Net's <CITE>News.com</CITE>, 1 Feb 1998:
   "<A HREF="http://www.news.com/SpecialFeatures/0,5,18652,00.html"
    >Source Code for the Masses</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"The freeware philosophy
   places the responsibility of creating, changing,
   and debugging complex systems in the hands
   of complete strangers linked only by the
   Internet and their love of technology."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>ABCNews.com</CITE>, 29 Jan 1998:
   "<A HREF="http://more.abcnews.go.com/sections/business/apache_0129/index.html"
    >Apache: Peaceful Web Warrior</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"Most of the people in the Apache Group are old
   Web veterans," says Apache member Jim Jagielski. "We
   love the Web and we love Apache. Its very similar to
   how things used to be in the early days."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   Various, 22 Jan 1998: Netscape Releases Source to Navigator 5.0
  </STRONG>
  </P>
  <BLOCKQUOTE>
   Netscape has decided to release source code to their Navigator
   product line; a move that has been compared favorably to the methods
   by which Apache is developed. Here are some links to stories on the
   announcement which mentioned Apache:
   <UL>
    <LI><STRONG><CITE>Wired News</CITE>:
        "<A HREF="http://www.wired.com/news/news/technology/story/9813.html"
         >Netscape Frees Communicator 5.0 Code</A>"</STRONG>
    </LI>
    <LI><STRONG><CITE>ZDNews</CITE>:
        "<A NAME="http://headlines.yahoo.com/zdnews/stories/885575313.html"
         >Netscape's harshest critic: A 'brilliant move'</A>"</STRONG>
         (no longer available)
    </LI>
    <LI><STRONG>C|Net's <CITE>News.com</CITE>:
        "<A HREF="http://www.news.com/News/Item/0,4,18392,00.html"
         >Netscape's play: Bold or desperate?</A>"</STRONG>
    </LI>
    <LI><STRONG><CITE>MSNBC</CITE>:
        "<A HREF="http://www.msnbc.com/news/139296.asp"
         >A Titanic challenge to Microsoft</A>"</STRONG>
    </LI>
   </UL>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>CNN Custom News</CITE>, 6 Jan 1998:
   "<A NAME="http://customnews.cnn.com/cnews/pna.show_story?p_art_id=2216942&p_section_name=S"
    >Apache Servers Pass 50% in Web Server Survey</A>"
  </STRONG>
  (no longer available)
  <P>
  <BLOCKQUOTE>
   <EM>"The Apache Web server, and its related versions, can now be found on
   over half of all servers on the open Internet, according to the
   January Web server survey of Britain's Netcraft. The company
   automatically polled 1,834,710 Web sites for its latest survey."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   <CITE>Internetnews.com</CITE>, 5 Jan 1998:
   "<A HREF="http://www.internetnews.com/wd-news/1998/01/0501-apache.html"
    >Apache Server Still the King</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"The Apache Web Server initially got its start as a set of patches to
   the original NCSA Web Server in 1995. It was one of the first servers
   to implement the HTTP/1.1 protocol, and has since established itself
   as the leading Web server, far surpassing both Microsoft and Netscape
   Web servers."</EM>
  </BLOCKQUOTE>
  
  <P>
  <STRONG>
   Apache Group Press Release, 5 Jan 1998:
   "<A HREF="http://www.apache.org/press/05Jan98.txt"
    >Apache Webserver Serves Over Half The Internet</A>"
  </STRONG>
  </P>
  <BLOCKQUOTE>
   <EM>"The Apache Web Server, from the Apache Group, now serves over half
   the domains on the Internet, according to the latest Netcraft Web
   Server Survey."</EM>
  </BLOCKQUOTE>
  
  
  <HR>
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/index.xml
  
  Index: index.xml
  ===================================================================
  <document>
    <properties>
      <author email="docs@httpd.apache.org">Documentation Group</author>
      <title>Apache Miscellaneous Information</title>
    </properties>
  <body>
  
  <section id="library">
  <title>Project Library</title>
  <p>The <a href="../library/">Project Library</a> contains links to 
  various documents and resources relevant to the Apache Web server.</p>
  </section>
  
  <section id="css-security">
  <title>Cross Site Scripting security problem</title>
  <p><a href="css-security/">Information</a> on a security vulnerability resulting from the interaction 
  between client-side scripting and server-side dynamic content.</p>
  </section>
  
  <section id="dev">
  <title>Apache Development Site</title>
  <p>The <a href="../dev/">Apache development section</a> includes 
  information for Apache developers and folks interested in testing 
  development releases of Apache software.</p>
  </section>
  
  <section id="books">
  <title>Apache Books</title>
  <p>A <a href="apache_books.html">list of books</a> written about the 
  Apache Web server.</p>
  </section>
  
  <section id="mirror">
  <title>How to mirror</title>
  <p>A <a href="how-to-mirror.html">description</a> of how to setup your site as an Apache mirror.</p>
  </section>
  
  <section id="support">
  <title>Organizations providing support</title>
  <p>A <a href="http://www.apache.org/info/support.cgi">list of organizations</a>
  that provide third-party commercial support for the Apache server.</p>
  </section>
  
  <section id="older">
  <title>Older Information</title>
  The documents below are mainly of historical interest.
    <dl>
     <dt><a href="../info.html">Information on the Apache HTTP Server Project</a></dt>
     <dd>An obsolete description of some background information related to
  	the Apache Project.</dd>
     <dt><a href="known_bugs.html">Known Bugs in Apache</a></dt>
     <dd>This is a list of the most important bugs in each version.</dd>
     <dt><a href="security_bulletin_1.2.5.html">Security Advisory</a></dt>
     <dd>A security advisory discussing possible security issues in Apache 
         versions before 1.2.5, including 1.3 beta versions up to 
         and including 1.3b3.</dd>
     <dt><a href="http://www.faure.de/Apache+SSL+PHP+fp-howto-1p.html"
         >General-Purpose Server Configuration</a></dt>
     <dd>A user-written 'howto' describing setting up Apache with SSL,
      PHP version 2, and FrontPage.</dd>
     <dt><a href="aol-http.html">AOL and HTTP/1.1</a></dt>
     <dd>A description of AOL's poorly thought out decision to try to
         force their own standards on the web.</dd>
     <dt><a href="apache_nt.html">Apache and Windows NT</a></dt>
     <dd>A description of the progress of Apache for the
         Windows NT platform.</dd>
     <dt><a href="jdk-102.html">JDK 1.0.2</a></dt>
     <dd>Explanation of problems encountered when using Sun's JDK v1.0.2
         with Apache 1.2 and later.</dd>
     <dt><a href="three-config-files.html">Three Config Files</a></dt>
     <dd>An old explanation of why Apache had three separate config 
         files.</dd>
    </dl>
  </section>
  </body>
  </document>
  
  
  
  1.1                  httpd-site/xdocs/info/jdk-102.html
  
  Index: jdk-102.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
  <HTML>
   <HEAD>
    <TITLE>Java and HTTP/1.1
    </TITLE>
   </HEAD>
   <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
   <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#000080" 
         ALINK="#FF0000">
    <DIV ALIGN="CENTER">
     <IMG
      SRC="../images/apache_sub.gif"
      ALT="[APACHE DOCUMENTATION]"
     >
    </DIV>
    <H1 ALIGN="CENTER">
     Java and HTTP/1.1
    </H1>
    <HR>
    <P>
    The Apache Group has received a few reports concerning problems
    accessing Apache 1.2 sites using Java applications and applets.
    Investigation revealed a problem in Sun's JDK (Java Development Kit)
    version 1.0.2.
    </P>
    <H3>
     So, What's The Problem?
    </H3>
    <P>
    The symptom of the problem is this: Java classes involved in
    accessing Web URLs (such as <SAMP>URLConnection</SAMP> and friends)
    will return the HTTP headers as well as the document contents.  That
    is, if you use <SAMP>URLConnection</SAMP> to access an URL such as
    <SAMP>http://localhost/foo.gif</SAMP> and your <SAMP>localhost</SAMP>
    server responds with HTTP/1.1 headers, your code is going to receive
    the textual headers before the actual image contents.
    </P>
    <H3>
     What's The Solution?
    </H3>
    <P>
    This problem was identified and corrected by Sun in September of 1996,
    and the fix is present in the JDK 1.1 and JDK 1.1.1 releases.  So any
    applets or applications that run in either of these post-1.0.2
    environments should work correctly.
    </P>
    <P>
    In addition, the foundation class which contained the problem is one
    that is labeled as a &quot;manufacturer specific handler&quot;, and is
    typically supplied by the vendor porting the Java virtual machine
    environment.  So there's a good chance that fairly-recent browsers
    won't have this problem, because the vendors will have provided an
    implementation class that didn't inherit the problem in the JDK 1.0.2
    class library.
    </P>
    <H3>
     Is There a Workaround?
    </H3>
    <P>
    Yes and no:
    </P>
    <DL COMPACT>
     <DT><STRONG>Yes</STRONG>
     </DT>
     <DD>If you run an Apache 1.2 server, you can instruct the server to
      &quot;fake&quot; HTTP/1.0 responses by adding
      <A
       HREF="../docs/mod/mod_browser.html#browsermatch"
      ><SAMP>BrowserMatch</SAMP></A>
      directives to the configuration files.  (See the
      <A
       HREF="../docs/misc/FAQ.html#jdk1-and-http1.1"
      >Apache FAQ</A>
      for exact details.)  By doing this, any client on the net that
      accesses your server using Java and the JDK 1.0.2 class library will
      get the response it expects.
      <P>
      </P>
     </DD>
     <DT><STRONG>No</STRONG>
     </DT>
     <DD>If you <EM>as an user</EM> are encountering this problem, there
      is no real workaround (other than contacting the webmaster of the
      server(s) involved and bringing it to their attention).  Your best
      action is to upgrade to a &quot;safe&quot; virtual machine such as
      JDK 1.1.1 or Mozilla 3.01 or later.
      <P>
      </P>
     </DD>
    </DL>
    <P>
    </P>
    <HR>
    <H5>
     Thanks for identifying this problem and its causes, workarounds, and
     solutions are due to many individuals around the net.
    </H5>
   </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/known_bugs.html
  
  Index: known_bugs.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  <HTML>
  <HEAD>
  <TITLE>Apache HTTP Server Project</TITLE>
  </HEAD>
  
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <IMG SRC="../images/apache_sub.gif" ALT="">
  <H1 ALIGN="CENTER">Known Bugs in Apache</H1>
  
  The most up-to-date resource for bug tracking and information is the
  <A HREF="http://bugs.apache.org/">Apache bug database</A>.
  Significant bugs at release time will also be noted there.
  If you are running a 1.3 beta release, or version 1.2.X or earlier
  and think you have found a bug, please upgrade to 1.3. Many bugs
  in early versions have been fixed in 1.3.  
  
  <P>This document is not a complete list of known bugs, but simply
  a list of some of the more common ones.  <FONT COLOR="red">Be sure
  to check the bug database before assuming that if it isn't listed
  here it isn't reported or fixed.</FONT>
  
  <P>If you see a reference to a fix appearing in a version which has
  not yet been officially released, you can get a snapshot of the
  current CVS tree from <A HREF="http://httpd.apache.org/from-cvs/">the
  CVS snapshot directory</A>.
  
  <P>See Also: <A HREF="../docs/misc/compat_notes.html">Compatibility notes</A>,
  and <A HREF="../docs/misc/known_client_problems.html">our list of known client
  problems</A>.</P>
  <HR>
  
  <H2>Apache 1.3.4 Bugs</H2>
  
  <OL>
  <LI><STRONG>Win32 only</STRONG> Apache will not serve filenames starting 
      with "<CODE>COM</CODE>" or containing "<CODE>.COM</CODE>". Instead
      it will respond with a 403 Forbidden message, and log the error
      "<CODE>Filename is not valid</CODE>".  See <A
      HREF="http://bugs.apache.org/index/full/3769">PR#3769</A>.
  <LI><STRONG>Unix only</STRONG> "<CODE>make install</CODE>" fails on
      some operating systems. This occurs when the operating system
      version of tar does not support the "h" option. It has been reported
      on SCO and BSDI. It does not affect systems which use GNU tar.
      See <A HREF="http://bugs.apache.org/index/full/3807">PR#3807</A>.
  </OL>
  
  <H2>Apache 1.3.0 Bugs</H2>
  
  <OL>
  <LI>On NT, "#exec cmd" in SSI pages does not work.  No fix available yet.
  <LI>On NT, mod_rewrite doesn't properly spawn children for logging 
      and URL mapping.  Fixed in 1.3.1, <A 
      HREF="http://www.apache.org/websrc/viewcvs.cgi/apache-1.3/src/modules/standard/mod_rewrite.c.diff?r1=1.113&r2=1.114">patch 
      available here.</A>
  <LI>NeXT didn't compile completely; fixed in 1.3.1.
  </OL>
  
  <H2>Apache 1.3b7 Bugs</H2>
  
  <OL>
  <LI><STRONG>Win32 only</STRONG> CGI scripts do not work because of two
      problems. First, the CGI environment variables are not being
      passed on to the script. See <A
      HREF="http://bugs.apache.org/index/full/2294">PR#2294</A> for more
      details.  Secondly, the current working directory of the script
      is not being set, which affected scripts which relied on the
      directory being set to the directory containg the CGI program
      itself (although this is not a requirement of the CGI/1.1
      specification). See <A
      HREF="http://bugs.apache.org/index/full/2317">PR#2317</A> for more
      details.  These bugs have been fixed in 1.3.0.
  
  <LI>The $ character inside an SSI directive is not being correctly 
      interpreted unless it marked the start of a variable. In
      particular, it does not work for marking the end of line in a
      regular expression.  See <A
      HREF="http://bugs.apache.org/index/full/1921">PR#1921</A> and <A
      HREF="http://bugs.apache.org/index/full/2249">PR#2249</A> for more
      details.  This bug has been fixed in 1.3.0
  
  </OL>
  
  <H2>Apache 1.3b5 Bugs</H2>
  
  <OL>
  <LI>Certain mod_rewrite configurations do not work correctly.  Apply
      <A HREF="http://www.apache.org/dist/httpd/patches/apply_to_1.3b5/PR1847.patch">this
      patch</A> to fix the problem.  See
      <A HREF="http://bugs.apache.org/index/full/1847">PR#1847</A> for more details.
  <LI>Using multiple arguments to UserDir does not work correctly.  Apply
      <A HREF="http://www.apache.org/dist/httpd/patches/apply_to_1.3b5/PR1850.patch">this
      patch</A> to fix the problem.  See
      <A HREF="http://bugs.apache.org/index/full/1850">PR#1850</A> for more details.
  <LI>absoluteURI parsing is broken, so the proxy won't work.   Apply
      <A HREF="http://www.apache.org/dist/httpd/patches/apply_to_1.3b5/PR1889.patch">this
      patch</A> to fix the problem.  See
      <A HREF="http://bugs.apache.org/index/full/1889">PR#1889</A> for more details
  <LI><STRONG>Win32 only</STRONG> Use of #! at the start of a CGI script file
      does not work unless the interpreter filename includes the
      extension (e.g. use <SAMP>#!c:/bin/perl.exe</SAMP> instead of
      <SAMP>#!c:/bin/perl</SAMP>).
  <LI><STRONG>NT only</STRONG> When installed as a service, Apache expects
      to find its ServerRoot at \Apache on the system disk. See 
      <A HREF="http://bugs.apache.org/index/full/1489">PR#1489</A>.
  <LI><STRONG>Win32 only</STRONG> The <CODE>Alias</CODE> directive does not
      work if the target is a root directory, e.g. D:/. See 
      <A HREF="http://bugs.apache.org/index/full/1558">PR#1558</A>.
  <LI><STRONG>Win32 only</STRONG> Repeated concurrent requests to a CGI
      program can cause Apache to lock-up. See 
      <A HREF="http://bugs.apache.org/index/full/1129">PR#1129</A> and
      <A HREF="http://bugs.apache.org/index/full/1607">PR#1607</A>.
  
  </OL>
  
  <H2>Apache 1.3b3 Bugs</H2>
  
  <OL>
  <LI>The error_log may contain "(0)Unknown error: mmap_handler:
      mmap failed" errors.  Ignore them, it is a logic error and does not
      indicate any problem.  This will be corrected in a later beta.
  <LI>Servers operating in inetd mode will not properly implement timeouts.
      (Neither do servers operating with the -X command line switch for
      debugging.)
      This will be corrected in a later beta.  A workaround for now is
      to edit <CODE>src/main/httpd.h</CODE> and remove the definition
      of <CODE>OPTIMIZE_TIMEOUTS</CODE> near the bottom.
  <LI><STRONG>Win32 only:</STRONG> Building from source may fail because the buildmark.obj
      file does not exist. Edit <CODE>Makefile.nt</CODE> and replace the
      line <CODE>del CoreR\buildmark.obj</CODE> with <CODE>-del
      CoreR\buildmark.obj</CODE> (and similarly for <CODE>del
      CoreD\buildmark.obj</CODE>). See 
      <A HREF="http://bugs.apache.org/index/full/1473">PR#1473</A>.
  <LI><STRONG>Solaris 2.6</STRONG> users may have troubles compiling the server with
      gcc.  As is frequently the case with gcc compilation troubles, this
      is the result of an improperly built gcc.  The gcc for solaris 2.6
      found at <A HREF="http://www.sunfreeware.com/">www.sunfreeware.com</A> 
      is now built with the release version of solaris 2.6.  The release version
      of solaris 2.6 changed a few header files enough that the beta-built
      gcc won't work with it.  There are two workarounds mentioned in
      <A HREF="http://bugs.apache.org/index/full/1336">PR#1336</A>.
      <STRONG>This is not an Apache bug, and no code will be changed to deal with
      it.</STRONG>
  <LI><STRONG>NT only</STRONG> When installed as a service, Apache expects
      to find its ServerRoot at \Apache on the system disk. See 
      <A HREF="http://bugs.apache.org/index/full/1489">PR#1489</A>.
  <LI><STRONG>Win32 only</STRONG> The <CODE>Alias</CODE> directive does not
      work if the target is a root directory, e.g. D:/. See 
      <A HREF="http://bugs.apache.org/index/full/1558">PR#1558</A>.
  <LI><STRONG>Win32 only</STRONG> Repeated concurrent requests to a CGI
      program can cause Apache to lock-up. See 
      <A HREF="http://bugs.apache.org/index/full/1129">PR#1129</A> and
      <A HREF="http://bugs.apache.org/index/full/1607">PR#1607</A>.
  <LI><STRONG>Win32 only</STRONG> Apache requires the file 
      <CODE>MSVCRT.DLL</CODE> to run. This is a Microsoft
      redistributable file required for all C programs compiled by
      MSVC++. Many other programs will require it, so it is already
      installed on most systems. If Apache will not start because this
      file is missing you can download it from <A
      HREF="ftp://ftp.microsoft.com/Softlib/MSLFILES/msvcrt.exe">
      ftp://ftp.microsoft.com/Softlib/MSLFILES/msvcrt.exe</A>. See <A
      HREF="http://bugs.apache.org/index/full/1736">PR#1736</A>.
  </OL>
  
  <H2>Apache 1.3b2 Bugs</H2>
  
  <H3>Win32 only</H3>
  <OL>
  <LI>CGI scripts that are called with information appended to the script
      name that does <STRONG>not</STRONG> have an "<CODE>=</CODE>" in it
      do not work. 
      See <A HREF="http://bugs.apache.org/index/full/1030">PR#1030</A>
  <LI>Passwords stored in htpasswd files need to be stored in plain text,
      since we do not yet have a <CODE>crypt()</CODE> under Win32.
  <LI>On Windows 95, <CODE>DirectoryIndex</CODE> does not work.
      See <A HREF="http://bugs.apache.org/index/full/1266">PR#1266</A>
  <LI>On some versions of Windows 95, CGI scripts fail and paths given
      with "#!" must contains \ instead of /.
  <LI>When a CGI starts with "#!" to indicate an interpreter there must
      be no space between the #! and the path.
      See <A HREF="http://bugs.apache.org/index/full/1101">PR#1101</A>
  <LI>If the CGI program cannot be run Apache logs a "premature end-of-headers"
      error instead of an error about running the program.
      See <A HREF="http://bugs.apache.org/index/full/1257">PR#1257</A>
  </OL>
  <H3>Unix only</H3>
  <OL>
  <LI>The USE_FLOCK_SERIALIZED_ACCEPT define is completely broken and does
      not work at all.  It has been this way since birth.  A fix is pending.
  <LI>Apache 1.3b2 doesn't seem to work for more than 6 hours on a Digital UNIX
      (n&eacute;e DEC OSF/1) 3.2G system unless the following patches are
      applied: OSFPAT00017700375 and OSFPAT00018000375.  (See
      <A HREF="http://bugs.apache.org/index/full/1314">PR #1314</A> for
      full details.
  </LI>
  </OL>
  <HR>
  <H2>Apache 1.3a1 Bugs</H2>
  
  <OL>
    <LI>The <CODE><A HREF="../docs/mod/core.html#listen">Listen</A></CODE>
        directive does not work when running under Windows.
    <LI>For some reason, <A HREF="../docs/mod/mod_isapi.html">mod_isapi</A>
        does not work (with Windows) when compiled using the
        <CODE>Release</CODE> setting; it will crash the server whenever you
        access an ISA DLL. It works fine when the server is compiled with
        <CODE>Debug</CODE>.
  </OL>
        
  <H2>Apache 1.2 Bugs</H2>
  <H3>Bugs still present in 1.2.4</H3>
  <OL>
      <LI><A NAME="listenbug">On some architectures</A>
      if your configuration uses multiple
      <A HREF="../docs/mod/core.html#listen">Listen</A> directives then it is possible
      that the server will starve one of the sockets while serving hits on
      another.  The work-around is to add
      <CODE>-DUSE_FLOCK_SERIALIZED_ACCEPT</CODE> to the
      <CODE>EXTRA_CFLAGS</CODE> line in your Configuration and rebuild.
      (If you encounter problems with that, you can also try
      <CODE>-DUSE_FCNTL_SERIALIZED_ACCEPT</CODE>.)
      This affects any architecture that doesn't use one of the
      <CODE>USE_xxxxx_SERIALIZED_ACCEPT</CODE> definitions, see the
      source file <CODE>conf.h</CODE> for your architecture.
      This is being tracked as
      <A HREF="http://bugs.apache.org/index/full/467">PR#467</A>.
      <P>To resolve this problem, we are adding one of the above settings
      to the default settings for platforms as we discover which is 
      appropriate for them.  <STRONG>New as of 1.3b3:</STRONG> the server will
      issue a warning when your architecture/config are subject to
      this bug.  The fixes and such are described in the PORTING
      file.  We are closing out this bug.
      </LI><P>
  
      <LI>
      The PATH_INFO part of a request URI cannot include the sequence
      <CODE>%2f</CODE>. This will be tracked as
      <A HREF="http://bugs.apache.org/index/full/543">PR#543</A>.
      </LI><P>
  
      <LI>Users of early 1.2 betas reported problems with many
      connections stuck in the FIN_WAIT_2 state due to server
      timeouts. Several changes were made during the beta testing of 1.2
      to reduce this problem as much as possible, although you may still
      see sockets in FIN_WAIT_2 state due to network or operating system
      issues outside the control of Apache. See our
      <A HREF="../docs/misc/fin_wait_2.html">FIN_WAIT_2 page</A> for more
      details.
  
      <P>SunOS4 has a kernel bug in the allocation of memory for the mbuf table.
      When it fills up, the result is a Panic the next time any routine tries
      to set something in an imaginary mbuf beyond the range of the table.
      Due to buggy browser behavior and the lack of a FIN_WAIT_2 timeout
      on SunOS4, "KeepAlive Off" is necessary to avoid filling up the mbuf
      table on busy sites.
      </LI><P>
  
      <LI>
      Compiling on Solaris 2 with SunSoft's C compiler gives the warning
      <CODE>"mod_include.c", line 1123: warning: end-of-loop code not
      reached</CODE>. This is a bogus warning and can be ignored.
      See <A HREF="http://bugs.apache.org/index/full/681">PR#681</A>.
      </LI><P>
  
      <LI>If compilation fails complaining about "unknown symbol __inet_ntoa()"
      then you have probably installed version 8 of bind. You will need to
      explicitly link with the bind library by adding <CODE>-lbind</CODE>
      to <CODE>EXTRA_LDFLAGS</CODE> in <CODE>Configuration</CODE>. See
      <A HREF="http://bugs.apache.org/index/full/616">PR#616</A>
      and the
      <A HREF="../docs/misc/FAQ.html#bind8.1">Apache FAQ</A>.  This is not a bug
      in Apache.
      </LI><P>
  
      <LI>The message "<CODE>created shared memory segment #730499</CODE>"
      in error_log is not an error and should be ignored. See
      <A HREF="http://bugs.apache.org/index/full/696">PR#696</A>.
      </LI><P>
  </OL>
  
  <H3>Fixed in 1.2.4:</H3>
  <OL>
      <LI>
      On Solaris 2.x the server will stop running after receiving a
      SIGHUP.  Four workarounds exist (choose one):<P>
      <UL>
  	<LI>Recommended: upgrade to 1.2.4.
  	<LI>If you are running Apache 1.2.1, retrieve 
  	<A HREF="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/solaris_hup.patch">this patch</A>.
  	<CODE>cd</CODE> to your <CODE>apache_1.2.1</CODE> directory, and
  	type <CODE>patch -s -p1 &lt; /path/to/patchfile</CODE>.  Then rebuild
  	Apache.<P>
  	<LI>Use SIGUSR1 instead of SIGHUP, see <A HREF="../docs/stopping.html">
  	Stopping and Restarting Apache</A> for more details.<P>
  	<LI>Add <CODE>-DNO_SLACK</CODE> to
  	<CODE>EXTRA_CFLAGS</CODE> in
  	your <CODE>Configuration</CODE> file, re-run <CODE>Configure</CODE>
  	and rebuild your server.  This disables the
  	<A HREF="../docs/misc/descriptors.html">descriptor slack workaround</A>
      </UL><P>
      This problem was tracked as
      <A HREF="http://bugs.apache.org/index/full/832">PR#832</A>.
      </LI><P>
  
      <LI>(Exists in 1.2.0 and in 1.2.1 after either of the
      <CODE>NO_SLACK</CODE> or patch provided by the previous bug are applied.)
      Solaris 2.5.1 (and probably other versions of Solaris) appear to have
      a race condition completely unrelated to all the others.  It is possible
      during a SIGHUP that the server will fail to start because it will not
      be able to re-open its sockets.  To our knowledge this has only shown
      up during testing when we pummel the server with as many SIGHUP requests
      per second as we can.  This appears unrelated to the similar sounding bug
      described in <A HREF="http://bugs.apache.org/index/full/832">PR#832</A>.
  </OL>
  <P>
  
  <H3>Fixed in 1.2.1</H3>
  <OL>
      <LI><A HREF="../docs/misc/descriptors.html"><STRONG>Workaround added</STRONG></A>
      There appears to be a problem on BSDI 2.1 with large numbers of
      virtual hosts. This appears similar to a file-descriptor limit
      but BSDI should not have this problem. This will be tracked as
      <A HREF="http://bugs.apache.org/index/full/611">PR#611</A>.
      See also the <A HREF="../docs/misc/FAQ.html#fdlim">Apache FAQ</A>.
      </LI><P>
  
      <LI><A HREF="../docs/misc/descriptors.html"><STRONG>Workaround added</STRONG></A>.
      Solaris 2 has problems with large numbers of virtual hosts. This is
      because of an operating system limit of 256 file pointers, not due
      to Apache.   See also the
      <A HREF="../docs/misc/FAQ.html#fdlim">Apache FAQ</A>.
      </LI><P>
  
      <LI>
      <A NAME="cnegbug">Apache's</A>
      <A HREF="../docs/content-negotiation.html">Content
      Negotiation</A> should pick the smallest variant if there
      are several that are equally acceptable. A bug in 1.2 means it no
      longer does this unless all the variants have character sets.
      This <A HREF="http://www.apache.org/dist/httpd/contrib/patches/1.2/conneg-bug.patch">patch</A>
      fixes this problem. It also fixes the problem which makes Apache
      pick the last equally acceptable variant instead of the first.
      This will be tracked as
      <A HREF="http://bugs.apache.org/index/full/94">PR#94</A>.
      </LI><P>
  
      <LI><P>Compilation fails on SCO3 when using gcc instead of cc, complaining
      with "<CODE>gcc: noinline: No such file or directory</CODE>". Fix
      is given in <A HREF="http://bugs.apache.org/index/full/695">PR#695</A>.
      </LI>
  </OL>
  </BODY>
  </HTML>
  
  
  
  
  1.1                  httpd-site/xdocs/info/security_bulletin_1.2.5.html
  
  Index: security_bulletin_1.2.5.html
  ===================================================================
  <HTML><HEAD>
  <TITLE>Apache Security Advisory</TITLE>
  </HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG
   SRC="../images/apache_sub.gif"
   ALT="[APACHE DOCUMENTATION]"
  >
  </DIV>
  
  <H1 ALIGN="CENTER">Apache Security Advisory</H1>
  <PRE>
  Release Date: Tuesday, January 6 1998
  Topic: Possible security issues with Apache in some configurations
  
  
  Summary of Issues
  ============================================================
  
  This advisory is to inform all Apache users of several possible
  security issues that have been discovered during an internal security
  review of the Apache source code.
  
  DO NOT BE ALARMED BY THIS ADVISORY.  This is a pro-active step
  designed to be certain that users of Apache are advised of the
  issues and can take appropriate action to minimize their risk.
  
  None of these holes allow for a root compromise (they only impact
  the user Apache runs as, as set with the "User" directive; if you
  have this user set to root, then fix your configuration now because
  you probably have a gaping security hole) and they generally
  require that a user already have access to the system before they
  can exploit them, meaning that on a large number of systems they
  are of little practical concern.  Some of the issues that have been
  addressed might not be exploitable in real-world conditions.
  
  In some security environments, however, they may be of more concern.
  The administrator of the system running Apache is the only one who
  can make the judgment call as to how significant the below issues
  are in their environment.
  
  Resolution of Problems
  ======================
  
  We very strongly recommend that anyone using versions of Apache
  previous to 1.2 or earlier 1.2 versions upgrade to the newly released
  1.2.5.  It is now available at
  
  	http://www.apache.org/dist/httpd/
  
  There are no plans for an immediate 1.3b4 release to correct these
  problems in the 1.3 beta development tree, however we will make 
  patches for 1.3b3 to correct these issues available at 
  
  	http://www.apache.org/dist/httpd/patches/apply_to_1.3b3/
  
  in the near future.
  
  
  Technical Description of Issues
  ===============================
  
  Below is a step by step technical description of the potential
  problems discovered.  Read the below only if you wish to understand
  the details of the problems to better judge how they impact your
  server and if you have a solid grounding in how Apache works.  If
  in doubt, you are advised to simply upgrade to 1.2.5 as soon as
  practical.
  
  
  I.   Buffer overflow in cfg_getline()
  
  	RISK: medium
  
  	cfg_getline() is a function that the Apache core and several
  	Apache modules use to read certain types of files from disk.
  	Some examples of the type of files that read with this are
  	htaccess, htpasswd and mod_imap files.
  
  	It is possible to create a sequence of data such that a
  	buffer overflow occurs while cfg_getline is reading from
  	a file.  If someone has access to create any of these types
  	of files on the server, this hole is generally exploitable
  	to gain full access to the user Apache runs as.
  
  	On most systems, this is of little consequence since users 
  	already have such access via methods such as the creation of 
  	their own CGI scripts.  If, however, the server is secured
  	so that the user has no access to the server other than to
  	create and modify files (eg. a "ftp only" account with no
  	ability to create CGI scripts) this could allow increased
  	access to the server.
  
  
  II.  Several coding errors in mod_include
  
  	RISK: medium
  
  	There are several coding problems in mod_include which can
  	result in a buffer overflow or in the child process going
  	into an infinite loop.
  
  	The same comments about the nature of the risk apply here as
  	do for the cfg_getline() overflow.  Generally, a user already
  	needs to have access to the server to exploit this.  Note that
  	it is possible to setup a document which deliberately allows this
  	to be remotely exploited, however such a document would be very
  	rare in practice.
  
  	If you do not allow users to use mod_include, then they
  	can not exploit these holes.
  
  
  III. Inefficient removal of duplicate '/'s ("beck" exploit)
  
  	RISK: medium
  
  	The code in the no2slash() function used to collapse multiple
  	'/'s in a request for access checking purposes is very
  	inefficient.  It is O(n^2) in the number of '/'s in the
  	input.  What this means is that as the input size grows,
  	it very quickly requires vastly increased CPU time to
  	process the request.  By sending many requests with a large
  	number of '/'s in to a server, it is possible to cause a
  	large amount of CPU time to be used in processing these
  	requests.  Making multiple simultaneous requests of this
  	nature could result in a high load average, high CPU usage,
  	and possibly starving other processes for CPU resulting in
  	a denial of service attack.  This does not allow for any
  	compromise of the server.
  
  	The fixed version of the no2slash() function is O(n) and
  	does not allow for this attack.
  
  	Thanks to Michal Zalewski &lt;lcamtuf@boss.staszic.waw.pl&gt; for
  	discovering this bug and reporting it on the BUGTRAQ 
  	mailing list along with the "beck" script that can be 
  	used to exploit it.
  
  
  IV.  Possible buffer overflow in "logresolve" program.
  	
  	RISK: low
  
  	The logresolve program is used for non-realtime processing of
  	logfiles to convert numeric IP addresses into host names.
  	In some cases, it may be possible for a remote user who has
  	control of a DNS server to return a hostname specifically 
  	designed to exploit a coding hole in logresolve.
  
  	This can only happen on a system where either the MAXDNAME
  	define does not exist and the resolver can return names
  	longer than 256 characters or where the MAXDNAME define
  	does exist but is less than the maximum length of hostname
  	that the resolver can return.  Even on such (arguably
  	broken) systems, this would be very difficult to exploit.
  	The number of systems which are impacted by this is very
  	small.  
  
  	This problem is a potential concern only if you use the 
  	logresolve program.
  
  
  V.   Insufficient data validation in mod_proxy
  
  	RISK: low
  
  	The ftp proxy part of mod_proxy accepts directory listings
  	from remote ftp servers and converts them to HTML to send
  	to the client.  It is possible to deliberately create a 
  	listing that will cause Apache to dump core.
  
  	This hole does not compromise the server; the only risk
  	is that it would be possible to use this to create a 
  	denial of service attack which would render the server
  	effectively inoperative.
  
  	If you do not use mod_proxy, you are not vulnerable to this.
  	If you restrict the use of mod_proxy, then only those users
  	who are permitted to use it can attempt to exploit this
  	problem.
  
  
  VI.  Possible buffer overflow reading from the proxy cache
  
  	RISK: low
  
  	When caching is enabled in mod_proxy, Apache writes cached
  	files to disk as the user that the server runs as.  If an
  	attacker can gain access to this user id (eg. by running
  	a CGI script from a pre-existing account on the machine)
  	then they can modify the filenames on disk resulting in a
  	buffer overflow.  
  
  	Because the data is limited to what can be stored in a
  	filename (not the file, just the filename), and they already
  	need to have access to the user ID the server runs as to
  	exploit this, the risk is minimal.
  
  	The main instance where this may be a cause for concern is if
  	there is privileged information stored in memory by the 
  	web server, such as an unencrypted SSL key.  This same
  	caution, however, applies to the other buffer overflows
  	listed.
  
  	If you do not use mod_proxy, this problem can not be
  	exploited.
  
  
  VII. Unreadable htaccess files were ignored
  
  	RISK: low
  
  	Previously, if a htaccess file was unreadable Apache ignored
  	it.  This is, from a security standpoint, a poor idea
  	because it goes against the principle of "if in doubt, deny
  	access".  This had already been corrected in the 1.3
  	development tree, but we had refrained from making the
  	change in 1.2 because it could cause unexpected behavior
  	on existing sites.  We have since reconsidered, and as of
  	1.2.5, Apache will now reject requests if there is a htaccess
  	file present in the relevant directory tree that is unreadable
  	for any reason.
  
  	It is also possible, in very rare conditions, for this to
  	to be used to bypass htaccess files restricting access to
  	a directory or file.  The only case where this can happen
  	is if the attacker can form a request that results in the
  	full path to the htaccess file being too long (on most
  	systems, meaning over 1024 characters) yet the request for
  	the protected file in the same directory is not too long.
  	The only normal case where such an attack could be possible
  	is if there is a symbolic link such as "somedir -&gt; ."
  	created in the document tree.
  
  
  Contact Information
  ===================
  
  Full information about Apache and the 1.2.5 release which fixes
  these issues is available at http://httpd.apache.org/
  
  Normal bugs can be reported via http://httpd.apache.org/bug_report.html
  
  If you believe you have discovered a security hole in Apache, please
  be sure to contact us at security@apache.org so that we can verify
  and resolve the problem.  Support questions to this address will
  not get a response.  We fully support the concept of full disclosure,
  however it is always preferable to try to work with the vendor
  first before publicizing information about security holes.
  </PRE>
  <P><HR>
  </BODY>
  </HTML>
  
  
  
  
  1.1                  httpd-site/xdocs/info/support.cgi
  
  Index: support.cgi
  ===================================================================
  #!/usr/local/bin/perl
  #
  # print out commercial support list
  
  $dbfile = "supportdb.txt";
  
  print <<EOM;
  Content-type: text/html\r
  \r
  <html><head>
  <title>Companies and Contractors Providing Commercial Support for Apache</title>
  </head>
  <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#000080"
  	alink="#ff0000">
  
  <h1>Companies and Contractors Providing Commercial Support for Apache</h1>
  <p>
  Below is a table of companies and consultants who provide commercial
  support, in one form or another, for Apache.  Being mentioned here is
  not an indication of official "endorsement" by the Apache Group, but
  is instead provided as a public service.  If you would like to be added to
  this list, or removed, please contact 
  <a href="mailto:apache\@apache.org">apache\@apache.org</a>.
  </p>
  
  <table border="1" cellpadding="3">
  EOM
  
  open(DB, $dbfile) || die "Warning: $!\n";
  
  print "<tr>"
      . "<th>Company (E-mail)</th>"
      . "<th>Phone<br>Fax</th>"
      . "<th>Location</th>"
      . "<th>Comments</th>"
      . "</tr>\n";
  
  foreach $_ (sort (<DB>)) {
  	next if (/^#/);
  	($type, $who, $url, $email, $phone, $fax, $loc, $comment) = split(/\t/);
  	if ($type eq "Comp") {
              my(@eddresses) = split(m:,\s*:, $email);
              my(@list, $eddress);
              foreach $eddress (@eddresses) {
                  push(@list, "<a href=\"mailto:$eddress\">$eddress</a>");
              }
              print "<tr>"
                  . "<td><a href=\"$url\">$who</a> ("
                  . join(", ", @list)
                  . ")</td>"
                  . "<td>$phone&nbsp;<br>$fax&nbsp;</td>"
                  . "<td>$loc&nbsp;</td>"
                  . "<td>$comment&nbsp;</td>"
                  . "</tr>\n";
  	} else {
              push(@contractors, $_);
  	}
  }
  
  print "<tr>"
      . "<th>Contractor (E-mail)</th>"
      . "<th>&nbsp;</th>"
      . "<th>&nbsp;</th>"
      . "<th>&nbsp;</th>"
      . "</tr>\n";
  
  foreach $_ (sort (@contractors)) {
  	next if (/^#/);
  	($type, $who, $url, $email, $phone, $fax, $loc, $comment) = split(/\t/);
          my(@eddresses) = split(m:,\s*:, $email);
          my(@list, $eddress);
          foreach $eddress (@eddresses) {
              push(@list, "<a href=\"mailto:$eddress\">$eddress</a>");
          }
  	if ($type eq "Cont") {
              print "<tr>"
                  . "<td><a href=\"$url\">$who</a> ("
                  . join(", ", @list)
                  . ")</td>"
                  . "<td>$phone&nbsp;<br>$fax&nbsp;</td>"
                  . "<td>$loc&nbsp;</td>"
                  . "<td>$comment&nbsp;</td>"
                  . "</tr>\n";
  	} 
  }
  print "</table>\n";
  
  
  
  1.1                  httpd-site/xdocs/info/supportdb.txt
  
  Index: supportdb.txt
  ===================================================================
  # Type	Name	URL	E-mail	Phone	Fax	Location	Comments
  Comp	Alcove	http://www.alcove.com/	ventes@fr.alcove.com, sales@uk.alcove.com, ventas@es.alcove.com	+33 1 49 22 68 00	+33 1 49 22 68 01	Paris, France<br>London, United Kingdom<br>Madrid, Spain	We are European Free Software and Linux experts. Alcove provides commercial support, maintenance, services, solutions, and custom software development for the Apache Web server, Linux, and Free Software.
  Comp	Mind nv	http://mind.be/	info@mind.be	+32-16-309 666	+32-16-309 644	Leuven, Belgium	Offers commercial Linux consultancy, support, and training for Apache and add-ons (ssl, perl, php, asp, openldap, dav, databases, ...) within Belgium and Europe. Support is available on-site, by phone or over the Internet.
  Comp	Profissionais.net	http://forums.programadores.com.br/apache	gustavo@profissionais.net	(055) 051 330 7460		Porto Alegre, Brazil	A moderated mailing list (in Portuguese) for Brazilian users of Apache.
  Comp	Applios Inc. (FREDNET division)	http://www.frednet.com/	sales@frednet.com	+1 831 439 9500	+1 831 439 8502	Scotts Valley, CA, USA	Applios provides commercial support, maintenance, and custom software development for the Apache Web Server.  Applios also provides software development services for GNU Development Tools, Linux, Solaris, Sendmail, and other products and packages.
  Cont	Atanu M		atanu@poboxes.com	+91-11-5033742, +91-11-5038359	(no fax)	New Delhi, India	Install, train, and maintain Apache Web servers on Linux and Windows NT in India
  Comp	Cavern sc	http://www.cavern.pl/	biuro@cavern.pl	+48 22 629 52 66	+48 22 628 18 83	Warszawa, Poland	Cavern provides commercial support for Apache, Apache with SSL Mod, Europe version of Strong SSL Applet, Linux, and other products.
  Comp	LINUXHAUS	http://www.linuxhaus.de/	info@linuxhaus.de	+49 (0)30 890 944 63	+49 (0)30 890 944 64	Berlin, Germany	LINUXHAUS provides commercial support for the Apache Web server, Linux, SAMBA, Lotus Notes, and other products and packages.
  Comp	Covalent Technologies, Inc.	http://www.covalent.net/	info@covalent.net	(402) 441-5710	(402) 441-5720	Lincoln, Nebraska, USA	Covalent develops and sells the Raven SSL module for Apache.
  Comp	Dana Point Communication Systems	http://www.dpcsys.com/	dan@dpcsys.com	(714) 443-4172	(714) 443-9516	Dana Point, California
  Comp	Digituru	http://www.digit.ee/	info@digit.ee			Estonia
  Comp	ICONSULT	http://www.iconsult.com/	iconsult@iconsult.com	+49-(0)9131-502864	+49-(0)9131-537873	Erlangen, Germany
  Cont	Russell McOrmond	http://www.flora.ottawa.on.ca/russell/work/	russell@flora.ottawa.on.ca	(613) 235-7584	(613) 235-9627	Ottawa, Canada
  Comp	Spacestar Communications	http://www.spacestar.com/	webmaster@spacestar.com	(612) 896-1100	(612) 896-1750	Minneapolis, Minnesota
  Comp	Trytel Internet Inc.	http://www.trytel.com/	info@trytel.com	(613) 722-6321	(613) 722-6749	Ottawa, Canada
  Comp	C2Net Software, Inc.	http://www.c2.net/	stronghold-sales@c2.net	(510) 986 8770	(510) 986 8777	Oakland, CA	C2Net sells Stronghold within North America.
  Comp	C2Net Europe, Ltd.	http://www.eu.c2.net/	sales@eu.c2.net	+44 113 222 0046	+44 113 244 8102	 Leeds, UK	C2Net Europe develops Stronghold, a commercial, supported, encrypting, Apache-based webserver and sells it internationally.
  Comp	Plover Systems	http://www.plover.com/	plover@plover.com	+1 215 627 9846	+1 215 627 5643	Philadelphia, PA, USA
  Comp	Tenon Intersystems	http://www.tenon.com/	sales@tenon.com	(805)-963-6983	(805)-962-8202	Santa Barbara, CA, USA	Tenon develops and sells WebTen, a commercial, supported, encrypting Apache-based web server for Macintosh.
  
  
  
  
  1.1                  httpd-site/xdocs/info/three-config-files.html
  
  Index: three-config-files.html
  ===================================================================
  <HTML>
  <HEAD><TITLE>Why are there three config files?</TITLE></HEAD>
  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
  <BODY
   BGCOLOR="#FFFFFF"
   TEXT="#000000"
   LINK="#0000FF"
   VLINK="#000080"
   ALINK="#FF0000"
  >
  <DIV ALIGN="CENTER">
  <IMG
   SRC="../images/apache_sub.gif"
   ALT="[APACHE DOCUMENTATION]"
  >
  </DIV>
  <PRE>
  From: rst@ai.mit.edu (Robert S. Thau)
  Date: Thu, 13 Jun 1996 10:07:47 -0400
  Subject: Re:  Config file question...
  </PRE>
  
  <BLOCKQUOTE><EM>
     Why are there three config files?  Is this a throwback to NCSA? 
  </EM></BLOCKQUOTE>
  
  Ah, so, grasshopper, you have now reached that level of mastery at
  which you must learn the Inner Mystery of the Three Config Files.
  Know then, that the reality described in the documentation is not the
  only or true reality.  Rest and prepare for what awaits...
  
  <P>
  
  Let us begin by contemplating the surface form of the three config
  files, as they appear to the mundane and unenlightened webmaster.
  There is httpd.conf, which contains directives relating to the
  operation of the server as a whole, such as logging and management of
  the server pool.  There is srm.conf, containing directives which
  relate to the management of the namespace and resources in the
  filesystem --- file typing, directory indexes, aliases, and so forth.
  Lastly, there is access.conf, which contains &lt;Directory&gt; sections
  relating information on access control in various directories.  Three
  files, separate from each other, complementary in their purpose.
  
  <P>
  
  Yet, is this really the true state of affairs?  For truly has it been
  written that the code which can be documented is not the true code.
  And indeed, careful contemplation of even a standard setup reveals
  signs of the inner unity which underlies what appears to the
  unenlightened programmer as three separate grammars.  For a
  &lt;VirtualHost&gt; section may contain Alias and Redirect directives, yet
  these things surely relate to namespace management, do they not?  And
  a &lt;Directory&gt; section may contain AddType directives which properly
  relate to file typing, is it not so?
  
  <P>
  
  This then, is the Inner Mystery --- the three config files are all, in
  effect, fragments of one True Config File --- a single entity which
  governs the operation of the server as a whole, with a single grammar.
  For if one were to take a TransferLog directive from httpd.conf, and
  add it at top level to srm.conf (or even access.conf, outside of a
  directory section), it would, in truth, function no differently.
  
  <P>
  
  Indeed, some truly englightened webmasters may wish to deal with only
  the single True Config File, and not the fragments.  For them, it is
  possible to do so --- they may add
  
  <P>
  <BLOCKQUOTE>
    AccessConfig /dev/null<BR>
    ResourceConfig /dev/null
  </BLOCKQUOTE>
  
  <P>
  
  to their httpd.conf to inform the server that it, and it alone, is the
  entire True Config File for the site, add the former contents of their
  srm.conf and access.conf files to httpd.conf, ditch srm.conf and
  access.conf entirely, and proceed with the single True Config File in
  clear view.
  
  <P>
  
  Since the masters know they inner mystery --- that there is, in truth,
  only one True Config File --- why then do we show the masses three?
  Therein lies a tale...
  
  <P>
  
  Back in the formative days of Apache, the server was based very
  closely on the code for the NCSA 1.3 web server.  In this code, the
  inner unity of the One True Config File was *not* fully manifest, so
  that, say, a TransferLog directive which made a pleasing unity with
  httpd.conf would have caused errors in srm.conf.  And many people
  based their sites upon this code --- NCSA's and ours --- and so the
  illusion of the Several Config Files was loosed upon the world, and
  many webmasters were lost into it.  For these webmasters to use our
  present releases, they must accomodate the ways of illusion which the
  webmasters have fallen into.  But the True Config File is accessible
  to those who know its mystery.
  
  <P>
  
    ... and if someone doesn't put the answers to these questions
        into a FAQ someplace, you are all at risk of being assaulted
        again with yet another excerpt from my rejected scripts for
        "Kung Fu:  The Legend drags its Lame Ass into Cyberspace" ...
  
  <P>
  
  rst
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/css-security/apache_1.3.11_css_patch.txt
  
  Index: apache_1.3.11_css_patch.txt
  ===================================================================
  This patch is against Apache 1.3.11.  It may be updated as the situation
  warrants.
  
  Last updated: Wed Feb  2 01:09:23 MST 2000
  
  Index: htdocs/manual/mod/core.html
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/core.html,v
  retrieving revision 1.162
  diff -u -r1.162 core.html
  --- core.html	2000/01/18 19:32:49	1.162
  +++ core.html	2000/02/02 07:59:17
  @@ -23,6 +23,8 @@
   <UL>
   <LI><A HREF="#accessconfig">AccessConfig</A>
   <LI><A HREF="#accessfilename">AccessFileName</A>
  +<LI><A HREF="#adddefaultcharset">AddDefaultCharset</A>
  +<LI><A HREF="#adddefaultcharsetname">AddDefaultCharsetName</A>
   <LI><A HREF="#addmodule">AddModule</A>
   <LI><A HREF="#allowoverride">AllowOverride</A>
   <LI><A HREF="#authname">AuthName</A>
  @@ -162,6 +164,42 @@
   &lt;Directory /&gt;<BR>
   AllowOverride None<BR>
   &lt;/Directory&gt;</CODE></BLOCKQUOTE><P><HR>
  +
  +<H2><A NAME="adddefaultcharset">AddDefaultCharset directive</A></H2>
  +<A HREF="directive-dict.html#Syntax" REL="Help"><STRONG>Syntax:</STRONG></A> 
  +AddDefaultCharset <EM>on / off</EM><BR>
  +<A HREF="directive-dict.html#Context" REL="Help" ><STRONG>Context:</STRONG></A> 
  +all<BR>
  +<A HREF="directive-dict.html#Status" REL="Help" ><STRONG>Status:</STRONG></A> 
  +core<BR>
  +<A HREF="directive-dict.html#Default" REL="Help"><STRONG>Default:</STRONG></A>
  +<CODE>AddDefaultCharset off</CODE><BR>
  +<A HREF="directive-dict.html#Compatibility" REL="Help"><STRONG>Compatibility:
  +</STRONG></A> AddDefaultCharset is only available in Apache 1.3.12 and later<P>
  +If enabled, any response that does not have any parameter on the content 
  +type in the HTTP headers will have a charset parameter added specifying 
  +the character set the client should use for the document.  This will 
  +override any character set specified in the body of the document via a 
  +<CODE>META</CODE> tag.  The character set added is specified by the 
  +<CODE>AddDefaultCharsetName</CODE> directive.
  +<P><HR>
  +
  +<H2><A NAME="adddefaultcharsetname">AddDefaultCharsetName directive</A></H2>
  +<A HREF="directive-dict.html#Syntax" REL="Help"><STRONG>Syntax:</STRONG></A> 
  +AddDefaultCharsetName <EM>charset</EM><BR>
  +<A HREF="directive-dict.html#Context" REL="Help" ><STRONG>Context:</STRONG></A> 
  +all<BR>
  +<A HREF="directive-dict.html#Status" REL="Help" ><STRONG>Status:</STRONG></A> 
  +core<BR>
  +<A HREF="directive-dict.html#Default" REL="Help"><STRONG>Default:</STRONG></A>
  +<CODE>AddDefaultCharsetName iso-8859-1</CODE><BR>
  +<A HREF="directive-dict.html#Compatibility" REL="Help"><STRONG>Compatibility:
  +</STRONG></A> AddDefaultCharsetName is only available in Apache 1.3.12 and 
  +later<P>
  +This directive specifies the name of the character set that will be added
  +if the <A HREF="#adddefaultcharset">AddDefaultCharset</A> directive is 
  +enabled.
  +<P><HR>
   
   <H2><A NAME="addmodule">AddModule directive</A></H2>
   <!--%plaintext &lt;?INDEX {\tt AddModule} directive&gt; -->
  Index: htdocs/manual/mod/directives.html
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/directives.html,v
  retrieving revision 1.60
  diff -u -r1.60 directives.html
  --- directives.html     1999/12/19 16:34:32     1.60
  +++ directives.html     2000/02/02 08:09:07
  @@ -30,6 +30,9 @@
   <LI><A HREF="mod_autoindex.html#addalt">AddAlt</A>
   <LI><A HREF="mod_autoindex.html#addaltbyencoding">AddAltByEncoding</A>
   <LI><A HREF="mod_autoindex.html#addaltbytype">AddAltByType</A>
  +<LI><A HREF="mod_mime.html#addcharset">AddCharset</A>
  +<LI><A HREF="core.html#adddefaultcharset">AddDefaultCharset</A>
  +<LI><A HREF="core.html#adddefaultcharsetname">AddDefaultCharsetName</A>
   <LI><A HREF="mod_autoindex.html#adddescription">AddDescription</A>
   <LI><A HREF="mod_mime.html#addencoding">AddEncoding</A>
   <LI><A HREF="mod_mime.html#addhandler">AddHandler</A>
  Index: htdocs/manual/mod/mod_include.html
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/mod_include.html,v
  retrieving revision 1.23
  diff -u -r1.23 mod_include.html
  --- mod_include.html	1998/09/17 12:06:40	1.23
  +++ mod_include.html	2000/02/02 07:59:18
  @@ -89,15 +89,34 @@
   routine when printing dates.
   </DL>
   
  +<A NAME="echo">
   <DT><STRONG>echo</STRONG>
   <DD>
   This command prints one of the include variables, defined below.
   If the variable is unset, it is printed as <CODE>(none)</CODE>.
   Any dates printed are subject to the currently configured <CODE>timefmt</CODE>.
  +
   Attributes:
   <DL>
   <DT>var
   <DD>The value is the name of the variable to print.
  +<DT>encoding 
  +<DD>Specifies how Apache should encode special characters contained
  +in the variable before outputting them.  If set to "none", no encoding
  +will be done.  If set to "url", then URL encoding (also known as
  +%-encoding; this is appropriate for use within URLs in links, etc.)
  +will be performed.  At the start of an <CODE>echo</CODE> element,
  +the default is set to "entity", resulting in entity encoding (which
  +is appropriate in the context of a block-level HTML element, eg.
  +a paragraph of text).  This can be changed by adding an
  +<CODE>encoding</CODE> attribute, which will remain in effect until
  +the next <CODE>encoding</CODE> attribute is encountered or the
  +element ends, whichever comes first.  Note that only special
  +characters as defined in the ISO-8859-1 character encoding will be
  +encoded.  This encoding process may not have the desired result if
  +a different character encoding is in use.  Apache 1.3.12 and above; previous
  +versions do no encoding.
  +
   </DL>
   
   <DT><STRONG>exec</STRONG>
  @@ -181,7 +200,9 @@
   
   <DT><STRONG>printenv</STRONG>
   <DD>This prints out a listing of all existing variables and their values.
  -    No attributes.
  +   Starting with Apache 1.3.12, special characters are entity encoded (see the 
  +   <A HREF="#echo"><CODE>echo</CODE></A> element for details) before being
  +   output.  No attributes.
   <DD>For example: <CODE>&lt;!--#printenv --&gt;</CODE>
   <DD>Apache 1.2 and above.
   
  Index: src/CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1502
  diff -u -r1.1502 CHANGES
  --- CHANGES     2000/01/18 17:12:13     1.1502
  +++ CHANGES     2000/02/02 08:09:11
  @@ -1,3 +1,31 @@
  +Changes with Apache 1.3.12
  +
  +  *) Add an explicit charset=iso-8859-1 to pages generated by
  +     ap_send_error_response(), such as the default 404 page.
  +     [Marc Slemko]
  +
  +  *) Add the AddDefaultCharset and AddDefaultCharsetName directives.  
  +     These allow you to tell Apache to specify the given character
  +     set on any document that does not have one explicitly specified in 
  +     the headers.  [Marc Slemko]
  +
  +  *) Properly escape various messages output to the client from a number
  +     of modules and places in the core code.  [Marc Slemko]
  +
  +  *) Change mod_actions, mod_autoindex, mod_expires, and mod_log_config to
  +     not consider any parameters such as charset when making decisions 
  +     based on content type.  This does remove some functionality for 
  +     some users, but means that when these modules are configured to do 
  +     particular things with particular MIME types, the charset should 
  +     not be included.  A better way of addressing this for users who 
  +     want to set things on a per charset basis is necessary in the future.  
  +     [Marc Slemko]
  +
  +  *) mod_include now entity encodes output from "printenv" and "echo var"
  +     by default.  The encoding for "echo var" can be set to URL encoding
  +     or no encoding using the new "encoding" attribute to the echo tag.
  +     [Marc Slemko]
  +
   Changes with Apache 1.3.11
   
     *) MPE builds are no longer stripped, which caused the executable
  Index: src/include/http_core.h
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/include/http_core.h,v
  retrieving revision 1.59
  diff -u -r1.59 http_core.h
  --- http_core.h	1999/06/28 22:38:25	1.59
  +++ http_core.h	2000/02/02 07:59:24
  @@ -243,6 +243,15 @@
        */
       unsigned d_is_fnmatch : 1;
   
  +    /* should we force a charset on any outgoing parameterless content-type?
  +     * if so, which charset?
  +     */
  +#define ADD_DEFAULT_CHARSET_OFF   (0)
  +#define ADD_DEFAULT_CHARSET_ON    (1)
  +#define ADD_DEFAULT_CHARSET_UNSET (2)
  +    unsigned add_default_charset : 2;
  +    char *add_default_charset_name;
  +
       /* System Resource Control */
   #ifdef RLIMIT_CPU
       struct rlimit *limit_cpu;
  Index: src/include/httpd.h
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/include/httpd.h,v
  retrieving revision 1.303
  diff -u -r1.303 httpd.h
  --- httpd.h	2000/01/30 19:46:11	1.303
  +++ httpd.h	2000/02/02 07:59:24
  @@ -409,6 +409,12 @@
   #endif /* default limit on number of request header fields */
   
   /*
  + * The default default character set name to add if AddDefaultCharset is 
  + * enabled.  Overridden with AddDefaultCharsetName.
  + */
  +#define DEFAULT_ADD_DEFAULT_CHARSET_NAME "iso-8859-1"
  +
  +/*
    * The below defines the base string of the Server: header. Additional
    * tokens can be added via the ap_add_version_component() API call.
    *
  Index: src/main/http_core.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/main/http_core.c,v
  retrieving revision 1.277
  diff -u -r1.277 http_core.c
  --- http_core.c	2000/01/11 14:13:40	1.277
  +++ http_core.c	2000/02/02 07:59:25
  @@ -154,6 +154,9 @@
   
       conf->server_signature = srv_sig_unset;
   
  +    conf->add_default_charset = ADD_DEFAULT_CHARSET_UNSET;
  +    conf->add_default_charset_name = DEFAULT_ADD_DEFAULT_CHARSET_NAME;
  +
       return (void *)conf;
   }
   
  @@ -281,6 +284,14 @@
   	conf->server_signature = new->server_signature;
       }
   
  +    if (new->add_default_charset != ADD_DEFAULT_CHARSET_UNSET) {
  +	conf->add_default_charset = new->add_default_charset;
  +    }
  +
  +    if (new->add_default_charset_name) {
  +	conf->add_default_charset_name = new->add_default_charset_name;
  +    }
  +
       return (void*)conf;
   }
   
  @@ -1035,6 +1046,28 @@
   }
   #endif /*GPROF*/
   
  +static const char *set_add_default_charset(cmd_parms *cmd, 
  +	core_dir_config *d, int arg)
  +{
  +    const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
  +    if (err != NULL) {
  +        return err;
  +    }
  +    d->add_default_charset = arg != 0;
  +    return NULL;
  +}
  +
  +static const char *set_add_default_charset_name(cmd_parms *cmd, 
  +	core_dir_config *d, char *arg)
  +{
  +    const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
  +    if (err != NULL) {
  +        return err;
  +    }
  +    d->add_default_charset_name = arg;
  +    return NULL;
  +}
  +
   static const char *set_document_root(cmd_parms *cmd, void *dummy, char *arg)
   {
       void *sconf = cmd->server->module_config;
  @@ -2786,6 +2819,10 @@
   { "GprofDir", set_gprof_dir, NULL, RSRC_CONF, TAKE1,
     "Directory to plop gmon.out files" },
   #endif
  +{ "AddDefaultCharset", set_add_default_charset, NULL, OR_FILEINFO, FLAG,
  +  "whether or not to add a default charset to any Content-Type without one" },
  +{ "AddDefaultCharsetName", set_add_default_charset_name, NULL, OR_FILEINFO, 
  +  TAKE1, "The name of the charset to add if AddDefaultCharset is enabled" },
   
   /* Old resource config file commands */
     
  Index: src/main/http_log.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/main/http_log.c,v
  retrieving revision 1.82
  diff -u -r1.82 http_log.c
  --- http_log.c	2000/01/31 22:24:07	1.82
  +++ http_log.c	2000/02/02 07:59:25
  @@ -487,7 +487,8 @@
       if (((level & APLOG_LEVELMASK) <= APLOG_WARNING)
   	&& (ap_table_get(r->notes, "error-notes") == NULL)) {
   	ap_table_setn(r->notes, "error-notes",
  -		      ap_pvsprintf(r->pool, fmt, args));
  +		      ap_escape_html(r->pool, ap_pvsprintf(r->pool, fmt, 
  +		      args)));
       }
       va_end(args);
   }
  Index: src/main/http_protocol.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/main/http_protocol.c,v
  retrieving revision 1.286
  diff -u -r1.286 http_protocol.c
  --- http_protocol.c	2000/01/11 14:13:41	1.286
  +++ http_protocol.c	2000/02/02 07:59:28
  @@ -103,6 +103,35 @@
   
   #endif /*CHARSET_EBCDIC*/
   
  +/*
  + * Builds the content-type that should be sent to the client from the
  + * content-type specified.  The following rules are followed:
  + *    - if type is NULL, type is set to ap_default_type(r)
  + *    - if charset adding is disabled, stop processing and return type.
  + *    - then, if there are no parameters on type, add the default charset
  + *    - return type
  + */
  +static const char *make_content_type(request_rec *r, const char *type) {
  +    const char *i;
  +    core_dir_config *conf = (core_dir_config *)ap_get_module_config(
  +	r->per_dir_config, &core_module);
  +    if (!type) type = ap_default_type(r);
  +    if (conf->add_default_charset != ADD_DEFAULT_CHARSET_ON) return type;
  +
  +    i = type;
  +    while (*i && *i != ';') i++;
  +    if (*i && *i == ';') {
  +	/* already has parameter, do nothing */
  +	/* XXX should check for actual charset=, but then we need real 
  +	 * parsing code 
  +	 */
  +    } else {
  +	type = ap_pstrcat(r->pool, type, "; charset=", 
  +	    conf->add_default_charset_name, NULL);
  +    }
  +    return type;
  +}
  +
   static int parse_byterange(char *range, long clength, long *start, long *end)
   {
       char *dash = strchr(range, '-');
  @@ -265,7 +294,7 @@
       }
   
       if (r->byterange > 1) {
  -        const char *ct = r->content_type ? r->content_type : ap_default_type(r);
  +        const char *ct = make_content_type(r, r->content_type);
           char ts[MAX_STRING_LEN];
   
           ap_snprintf(ts, sizeof(ts), "%ld-%ld/%ld", range_start, range_end,
  @@ -1636,10 +1665,8 @@
           ap_table_setn(r->headers_out, "Content-Type",
                     ap_pstrcat(r->pool, "multipart", use_range_x(r) ? "/x-" : "/",
                             "byteranges; boundary=", r->boundary, NULL));
  -    else if (r->content_type)
  -        ap_table_setn(r->headers_out, "Content-Type", r->content_type);
  -    else
  -        ap_table_setn(r->headers_out, "Content-Type", ap_default_type(r));
  +    else ap_table_setn(r->headers_out, "Content-Type", make_content_type(r, 
  +	r->content_type));
   
       if (r->content_encoding)
           ap_table_setn(r->headers_out, "Content-Encoding", r->content_encoding);
  @@ -2550,7 +2577,7 @@
           r->content_languages = NULL;
           r->content_encoding = NULL;
           r->clength = 0;
  -        r->content_type = "text/html";
  +        r->content_type = "text/html; charset=iso-8859-1";
   
           if ((status == METHOD_NOT_ALLOWED) || (status == NOT_IMPLEMENTED))
               ap_table_setn(r->headers_out, "Allow", make_allow(r));
  Index: src/main/util.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/main/util.c,v
  retrieving revision 1.176
  diff -u -r1.176 util.c
  --- util.c	2000/01/12 20:57:48	1.176
  +++ util.c	2000/02/02 07:59:29
  @@ -127,6 +127,8 @@
   {
       const char *semi;
   
  +    if (intype == NULL) return NULL;
  +
       semi = strchr(intype, ';');
       if (semi == NULL) {
   	return ap_pstrdup(p, intype);
  Index: src/modules/proxy/proxy_util.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v
  retrieving revision 1.83
  diff -u -r1.83 proxy_util.c
  --- proxy_util.c	2000/01/11 14:13:47	1.83
  +++ proxy_util.c	2000/02/02 07:59:29
  @@ -844,9 +844,12 @@
       ap_table_setn(r->notes, "error-notes",
   		  ap_pstrcat(r->pool, 
   			     "The proxy server could not handle the request "
  -			     "<EM><A HREF=\"", r->uri, "\">",
  -			     r->method, "&nbsp;", r->uri, "</A></EM>.<P>\n"
  -			     "Reason: <STRONG>", message, "</STRONG>", NULL));
  +			     "<EM><A HREF=\"", ap_escape_uri(r->pool, r->uri),
  +			     "\">", r->method, "&nbsp;", 
  +			     ap_escape_html(r->pool, r->uri), "</A></EM>.<P>\n"
  +			     "Reason: <STRONG>",
  +			     ap_escape_html(r->pool, message), 
  +			     "</STRONG>", NULL));
   
       /* Allow the "error-notes" string to be printed by ap_send_error_response() */
       ap_table_setn(r->notes, "verbose-error-to", ap_pstrdup(r->pool, "*"));
  Index: src/modules/standard/mod_actions.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_actions.c,v
  retrieving revision 1.33
  diff -u -r1.33 mod_actions.c
  --- mod_actions.c	2000/01/11 14:23:03	1.33
  +++ mod_actions.c	2000/02/02 07:59:30
  @@ -195,7 +195,8 @@
   {
       action_dir_config *conf = (action_dir_config *)
           ap_get_module_config(r->per_dir_config, &action_module);
  -    const char *t, *action = r->handler ? r->handler : r->content_type;
  +    const char *t, *action = r->handler ? r->handler : 
  +	ap_field_noparam(r->pool, r->content_type);
       const char *script;
       int i;
   
  Index: src/modules/standard/mod_autoindex.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_autoindex.c,v
  retrieving revision 1.113
  diff -u -r1.113 mod_autoindex.c
  --- mod_autoindex.c	1999/12/31 05:35:52	1.113
  +++ mod_autoindex.c	2000/02/02 07:59:30
  @@ -732,7 +732,7 @@
   
   static char *find_item(request_rec *r, array_header *list, int path_only)
   {
  -    const char *content_type = r->content_type;
  +    const char *content_type = ap_field_noparam(r->pool, r->content_type);
       const char *content_encoding = r->content_encoding;
       char *path = r->filename;
   
  Index: src/modules/standard/mod_expires.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_expires.c,v
  retrieving revision 1.33
  diff -u -r1.33 mod_expires.c
  --- mod_expires.c	1999/10/21 20:45:26	1.33
  +++ mod_expires.c	2000/02/02 07:59:30
  @@ -437,7 +437,8 @@
       if (r->content_type == NULL)
           code = NULL;
       else
  -        code = (char *) ap_table_get(conf->expiresbytype, r->content_type);
  +        code = (char *) ap_table_get(conf->expiresbytype, 
  +		ap_field_noparam(r->pool, r->content_type));
   
       if (code == NULL) {
           /* no expires defined for that type, is there a default? */
  Index: src/modules/standard/mod_include.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_include.c,v
  retrieving revision 1.121
  diff -u -r1.121 mod_include.c
  --- mod_include.c	1999/12/31 05:35:52	1.121
  +++ mod_include.c	2000/02/02 07:59:30
  @@ -922,7 +922,10 @@
   {
       char tag[MAX_STRING_LEN];
       char *tag_val;
  +    enum {E_NONE, E_URL, E_ENTITY} encode;
   
  +    encode = E_ENTITY;
  +
       while (1) {
           if (!(tag_val = get_tag(r->pool, in, tag, sizeof(tag), 1))) {
               return 1;
  @@ -931,7 +934,15 @@
               const char *val = ap_table_get(r->subprocess_env, tag_val);
   
               if (val) {
  -                ap_rputs(val, r);
  +		if (encode == E_NONE) {
  +		    ap_rputs(val, r);
  +		}
  +		else if (encode == E_URL) {
  +		    ap_rputs(ap_escape_uri(r->pool, val), r);
  +		}
  +		else if (encode == E_ENTITY) {
  +		    ap_rputs(ap_escape_html(r->pool, val), r);
  +		}
               }
               else {
                   ap_rputs("(none)", r);
  @@ -940,6 +951,19 @@
           else if (!strcmp(tag, "done")) {
               return 0;
           }
  +	else if (!strcmp(tag, "encoding")) {
  +	    if (!strcasecmp(tag_val, "none")) encode = E_NONE;
  +	    else if (!strcasecmp(tag_val, "url")) encode = E_URL;
  +	    else if (!strcasecmp(tag_val, "entity")) encode = E_ENTITY;
  +	    else {
  +		ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
  +			    "unknown value \"%s\" to parameter \"encoding\" of "
  +			    "tag echo in %s",
  +			    tag_val, r->filename);
  +		ap_rputs(error, r);
  +	    }
  +	}
  +
           else {
               ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
                           "unknown parameter \"%s\" to tag echo in %s",
  @@ -2116,7 +2140,8 @@
       }
       else if (!strcmp(tag, "done")) {
           for (i = 0; i < arr->nelts; ++i) {
  -            ap_rvputs(r, elts[i].key, "=", elts[i].val, "\n", NULL);
  +            ap_rvputs(r, ap_escape_html(r->pool, elts[i].key), "=", 
  +		ap_escape_html(r->pool, elts[i].val), "\n", NULL);
           }
           return 0;
       }
  Index: src/modules/standard/mod_log_config.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_log_config.c,v
  retrieving revision 1.80
  diff -u -r1.80 mod_log_config.c
  --- mod_log_config.c	1999/12/15 23:04:22	1.80
  +++ mod_log_config.c	2000/02/02 07:59:30
  @@ -391,7 +391,7 @@
   {
       const char *cp = ap_table_get(r->headers_out, a);
       if (!strcasecmp(a, "Content-type") && r->content_type) {
  -        cp = r->content_type;
  +        cp = ap_field_noparam(r->pool, r->content_type);
       }
       if (cp) {
           return cp;
  Index: src/modules/standard/mod_status.c
  ===================================================================
  RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_status.c,v
  retrieving revision 1.110
  diff -u -r1.110 mod_status.c
  --- mod_status.c	2000/01/12 15:55:02	1.110
  +++ mod_status.c	2000/02/02 07:59:31
  @@ -597,9 +597,10 @@
   			format_byte_out(r, bytes);
   			ap_rputs(")\n", r);
   			ap_rprintf(r, " <i>%s {%s}</i> <b>[%s]</b><br>\n\n",
  -			    score_record.client,
  +			    ap_escape_html(r->pool, score_record.client),
   			    ap_escape_html(r->pool, score_record.request),
  -			    vhost ? vhost->server_hostname : "(unavailable)");
  +			    vhost ? ap_escape_html(r->pool, 
  +				vhost->server_hostname) : "(unavailable)");
   		    }
   		    else {		/* !no_table_report */
   			if (score_record.status == SERVER_DEAD)
  @@ -671,8 +672,9 @@
   			else
   			    ap_rprintf(r,
   			     "<td>%s<td nowrap>%s<td nowrap>%s</tr>\n\n",
  -			     score_record.client,
  -			     vhost ? vhost->server_hostname : "(unavailable)",
  +			     ap_escape_html(r->pool, score_record.client),
  +			     vhost ? ap_escape_html(r->pool, 
  +				vhost->server_hostname) : "(unavailable)",
   			     ap_escape_html(r->pool, score_record.request));
   		    }		/* no_table_report */
   		}			/* !short_report */
  
  
  
  1.1                  httpd-site/xdocs/info/css-security/apache_specific.html
  
  Index: apache_specific.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  <HTML>
   <HEAD>
    <TITLE>Cross Site Scripting Info: Apache Specific</TITLE>
   </HEAD>
  
   <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
   <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#000080" 
         ALINK="#FF0000">
    <DIV ALIGN="CENTER">
     <IMG SRC="../../images/apache_sub.gif" ALT="[APACHE DOCUMENTATION]">
    </DIV>
    <H1 ALIGN="CENTER">Cross Site Scripting Info: Apache Specific</H1>
  
  <H2>Introduction:</H2>
  
  <P>While reviewing the Apache code for any problems related to this
  problem, we have discovered a number of issues.  Many of them are
  not bugs in Apache, but are places where Apache can do more to
  avoid being vulnerable to the Cross Site Scriptint security problem.
  None of the changes fix any security holes in Apache itself that
  can compromise the server directly, but are focused towards its
  interaction with clients.
  
  <P>Included below is a summary of the current known issues and
  fixes, where available.  This information will be expanded on as
  information becomes available and time permits.
  
  <H2>Issues outstanding:</H2>
  <UL>
  
  <LI>Older versions of the <CODE>printenv</CODE> CGI script distributed with
  Apache did not properly encode their output.  If you have one of these on
  your system, and this issue impacts your site, you should disable the CGI.
  
  <LI>Current versions of <CODE>printenv</CODE> and <CODE>test-cgi</CODE>
  send content with a MIME type of text/plain, meaning that no encoding
  is required or possible.  This was changed effective in Apache
  1.3.11 to fix the problem of <CODE>printenv</CODE> not properly
  encoding its output.  Unfortunately, Microsoft Internet Explorer
  does not respect that MIME type, and incorrectly processes the
  output as HTML that is what it guesses it to be.  This security
  problem has been reported to Microsoft.  At this time, the recommended
  workaround is to simply remove the <CODE>printenv</CODE> and
  <CODE>test-cgi</CODE> scripts from your site if this issue impacts
  you.
  
  <LI>If you do have other legitimate text/plain content on your site
  that is generated based on user input, you may need to configure
  your server to prevent IE from accessing it or change it to text/html
  so you can encode it.  Alternatively, you can filter special
  characters if that is possible in your situation.  Thankfully, this
  only impacts a very few sites.
  
  <LI>A number of Apache modules such as <CODE>mod_status</CODE> do not
  set an explicit character set on their output.  Using the AddDefaultCharset
  directive will work around this.  The modules that don't set an explicit
  character set are not normally accessible to users and they are not 
  thought to pose a significant risk.
  
  <LI>What is necessary to ensure that sites that legitimately use character
  sets with different encodings of special characters, such as UTF-7, are 
  protected?  How can Apache facilitate this?  This is a major issue for 
  those with a significant amount of content in character sets other than
  iso-8859-1.
  
  
  </UL>
  
  <H2>Fixes from CHANGES file:</H2>
  <P>These will be expanded on as time permits.  These patches are available
  in the current <A HREF="apache_1.3.11_css_patch.txt">Apache patch</A> 
  against Apache 1.3.11.
  
  <PRE>
    *) Add an explicit charset=iso-8859-1 to pages generated by
       ap_send_error_response(), such as the default 404 page.
       [Marc Slemko]
  
    *) Add the AddDefaultCharset and AddDefaultCharsetName directives.
       These allow you to tell Apache to specify the given character
       set on any document that does not have one explicitly specified in
       the headers.  [Marc Slemko]
  
    *) Properly escape various messages output to the client from a number
       of modules and places in the core code.  [Marc Slemko]
  
    *) Change mod_actions, mod_autoindex, mod_expires, and mod_log_config to
       not consider any parameters such as charset when making decisions
       based on content type.  This does remove some functionality for
       some users, but means that when these modules are configured to do
       particular things with particular MIME types, the charset should
       not be included.  A better way of addressing this for users who
       want to set things on a per charset basis is necessary in the future.
       [Marc Slemko]
  
    *) mod_include now entity encodes output from "printenv" and "echo var"
       by default.  The encoding for "echo var" can be set to URL encoding
       or no encoding using the new "encoding" attribute to the echo tag.
       [Marc Slemko]
  
  </PRE>
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/css-security/encoding_examples.html
  
  Index: encoding_examples.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  <HTML>
   <HEAD>
    <TITLE>Cross Site Scripting Info: Encoding Examples</TITLE>
   </HEAD>
  
   <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
   <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#000080" 
         ALINK="#FF0000">
    <DIV ALIGN="CENTER">
     <IMG SRC="../../images/apache_sub.gif" ALT="[APACHE DOCUMENTATION]">
    </DIV>
    <H1 ALIGN="CENTER">Cross Site Scripting Info: Encoding Examples</H1>
  
  <H2>Introduction:</H2>
  
  <P>We trust you are already familiar with the Cross Site Scripting
  security problem and the concept behind how it works.  If not, see
  the <A HREF="http://www.cert.org/advisories/CA-2000-02.html">CERT
  Advisory CA-2000-02</A> that has been released on this issue for 
  details before continuing.
  
  <P>This document focuses on how you can safely encode data before 
  it is output to the client.  The main method of doing this is through
  entity encoding, as described in the CERT advisory, using entities
  such as "&amp;lt;".
  
  <H2>General Comments on Encoding:</H2>
  
  <P>Note that, in general, many functions that perform entity encoding
  do so in a way which is only suitable for use outside attribute
  values, in normal block level elements such as a paragraph of text.
  Many of the functions referenced below are in this category.  This
  means they may not encode characters such as the double or single
  quote.  If you don't use quotation marks around an attribute value
  supplied from user input, then you need to encode even more
  characters.  Always use quotes and you won't have to worry about
  that particular issue.
  
  <P>Unfortunately, the situation for encoding data within attribute
  values or within the body scripts (eg. within "&lt;SCRIPT&gt;"
  tags) is more complex and less understood.  If you are in this 
  situation, you may be wise to consider filtering special characters
  (as described in the <A
  HREF="http://www.cert.org/tech_tips/malicious_code_mitigation.html">CERT
  Tech Tip</A>) instead of encoding them.  Generally, encoding is 
  recommended because it does not require you to make a decision about
  what characters could legitimately be entered and need to be passed
  through and it has less of an impact on existing functionality.  
  
  <P>The reason why safely encoding data within attribute values is 
  difficult is because some characters that are not considered special
  characters can be arranged to have unexpected effects in certain
  attribute values.  This is very specific to the tag the attribute
  is associated with and to how the client interprets it.  For example,
  if you let the user enter the value for a HREF attribute, and you
  encode it properly, you could end up outputting a tag such as:
  
  <PRE>
  &lt;A HREF="javascript:document.writeln(document.cookie + &amp;quot;&amp;lt;BR&amp;gt;&amp;quot;)"&gt;
  </PRE>
  
  Even though you have properly encoded special characters, many popular
  browsers will interpret a "javascript:" URL as containing JavaScript
  to execute in the context of the current document.
  
  <P>One of the issues that is still unresolved is exactly what HTML 
  tags are "safe" to allow through, and what the algorithm for doing so
  is like.  Many sites wish to allow users to enter a limited subset
  of "safe" HTML.  This is still very much an open issue.  It has been 
  an issue for quite some time, and it is our hope that this Cross Site
  Scripting problem will help prompt more work into addressing it.
  
  <P>If you are encoding user entered data in a URL, then URL encoding (also
  known as percent encoding) is appropriate.  Unfortunately, this can be
  a complex thing to get right because the special characters in "http://",
  for example, must remain unencoded because they are part of the syntax
  of the URL.  Better solutions to deal with this are necessary.
  
  <P>Also note that some URL encoding functions encode a space into a "+" for
  historical reasons.  This will only work in the query string for CGIs, and
  will not properly encode a space in other parts of the URL.
  
  <P>We realize that all these special situations and the lack of a single
  bulletproof set of steps for encoding user data, wherever it may occur on 
  the page, makes the task of fixing this problem quite challenging in some
  cases.  We wish we had a better answer, and are working on filling in the
  fuzzy areas.
  
  <H2>PHP Example:</H2>
  
  <PRE>
  &lt;?
  $Text = "foo&lt;b&gt;bar";
  $URL = "foo&lt;b&gt;bar.html";
  echo HTMLSpecialChars($Text), "&lt;BR&gt;";     
  echo "&lt;A HREF=\"", rawurlencode($URL), "\"&gt;link&lt;/A&gt;";
  ?&gt;
  </PRE>
  
  <P>Note that PHP also has a strip_tags() function that will remove all 
  HTML tags from a string.  Using this function in a manner such as:
  
  <PRE>
  	echo strip_tags($Text);
  </PRE>
  
  will strip all HTML from the input.  However, if you use it in the form:
  
  <PRE>
  	echo strip_tags($Text, "&lt;B&gt;");
  </PRE>
  
  which only allows the "&lt;B&gt;" tag through, you are still often
  vulnerable to users inserting script code.  By design, this function
  does not strip attributes from the tags.  This means it is often
  possible to include things such as JavaScript event attributes.
  An example of a tag that would be allowed by the above strip_tags()
  call is:
  
  <PRE>
  	&lt;B onmouseover="document.location='http://www.cert.org/'"&gt;
  </PRE>
  
  <P>Some clients accept such attributes on tags that are otherwise benign.
  
  <H2>Apache Module Example:</H2>
  
  <PRE>
  char *Text = "foo&lt;b&gt;bar";
  char *URL = "foo&lt;b&gt;bar.html";
  ap_rvputs(r, ap_escape_html(r-&gt;pool, Text), "&lt;BR&gt;", NULL);
  ap_rvputs(r, "&lt;A HREF=\"", ap_escape_uri(r-&gt;pool, URL), "\"&gt;link&lt;/A&gt;", NULL);
  </PRE>
  
  <H2>mod_perl Example:</H2>
  
  <PRE>
  $Text = "foo&lt;b&gt;bar";
  $URL = "foo&lt;b&gt;bar.html";
  $r-&gt;print(Apache::Util::escape_html($Text), "&lt;BR&gt;");
  $r-&gt;print("&lt;A HREF=\"", Apache::Util::escape_uri($URL), "\"&gt;link&lt;/A&gt;");
  </PRE>
  
  <P>This uses the same functions as in the Apache Module Example, called
  from Perl instead of directly from C.
  
  <H2>Perl Example:</H2>
  
  <PRE>
  use CGI ();
  $Text = "foo&lt;b&gt;bar";
  $URL = "foo&lt;b&gt;bar.html";
  print CGI::escapeHTML($Text), "&lt;BR&gt;";
  print qq(&lt;A HREF="), CGI::escape($URL), qq("&gt;link&lt;/A&gt;);
  </PRE>
  
  <P>Note that if you use the CGI.pm module in its full intended role,
  instead of just using helper functions from it, it will automatically 
  encode special characters in many places.  Unfortunately, this is yet
  again likely not sufficient in all situations.  See the documentation at 
  <A HREF="http://stein.cshl.org/WWW/software/CGI/">
  http://stein.cshl.org/WWW/software/CGI/</A> for more details on what
  this module can do.
  
  </BODY>
  </HTML>
  
  
  
  1.1                  httpd-site/xdocs/info/css-security/index.html
  
  Index: index.html
  ===================================================================
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
  <HTML>
   <HEAD>
    <TITLE>Cross Site Scripting Info</TITLE>
   </HEAD>
  
   <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
   <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#000080" 
         ALINK="#FF0000">
    <DIV ALIGN="CENTER">
     <IMG SRC="../../images/apache_sub.gif" ALT="[APACHE DOCUMENTATION]">
    </DIV>
    <H1 ALIGN="CENTER">Cross Site Scripting Info</H1>
  <CENTER>Last Modified: <!--#flastmod file="index.html"--></CENTER>
  
  <H2>Introduction:</H2>
  
  <P>This page contains information about the Cross Site Scripting
  security issue, how it impacts Apache itself, and how to properly 
  protect against it when using Apache related technologies.
  
  <P>For an overview of the issue, please see the <A 
  HREF="http://www.cert.org/advisories/CA-2000-02.html">CERT Advisory 
  CA-2000-02</A> that has been released on the issue.  You should 
  also review their related <A 
  HREF="http://www.cert.org/tech_tips/malicious_code_mitigation.html">
  Understanding Malicious Content Mitigation For Web Developers</A> tech
  tips document.  The CERT advisory also contains links to a number of 
  documents that Microsoft has put out on the issue which are also worth
  reviewing if this issue impacts you.  The information contained in 
  these documents will not be repeated here; this information assumes you
  have read these documents and are familiar with the issue.
  
  <P>We would like to emphasize that this is <B>not</B> an attack
  against any specific bug in a specific piece of software.  It is
  not an Apache problem.  It is not a Microsoft problem.  It is not
  a Netscape problem.  In fact, it isn't even a problem that can be
  clearly defined to be a server problem or a client problem.  It is
  an issue that is truly cross platform and is the result of unforeseen
  and unexpected interactions between various components of a set of 
  interconnected complex systems.  
  
  <P>There are specific bugs in a wide range of web server products,
  including Apache, that allow for or contribute to the exploitation
  of this security problem.  These bugs should not be there and
  need to be fixed.  But it is critical to realize that this is only
  a tiny part of the total issue.  The most serious issue is in all
  the site specific code that generates dynamic content.  We are
  bringing you this information to educate you on the issues that
  have been discovered in Apache that are related to this security
  problem but, more importantly, help educate you on how this may
  impact your own local code developed using Apache related technologies
  and how you can fix it.
  
  <P>There is no "golden bullet" patch that server or client vendors
  can release that will magically fix this issue across all web
  servers or clients using that product.
  
  <P>We would also like to point out that it is important to 
  understand that this is not the old, well known issue, that if a site
  allows user A to submit content that is viewed by user B, it has to 
  be properly encoded.  This vulnerability is when the content is both
  submitted and viewed strictly by user A.  Due to the difficulty of 
  properly encoding output in all situations, many sites do not worry
  about encoding data that is only shown to the user that sent the data
  in their request due to the mistaken assumption that this doesn't pose
  a security threat.
  
  <H2>Does this impact my web site?</H2>
  
  <P>This is a serious security issue, with potential implications
  that are only starting to be understood.  However, it is critical
  to realize that this problem does not expose any way to break into
  the server itself.  What it allows is for malicious attackers to
  potentially take control of the interaction between a user and a
  website.  If your website contains entirely static content with
  all information being publicly accessible, an attacker can gain
  very little from taking over this interaction.  It is likely that the
  most serious thing that an attacker can potentially do in this situation
  is change how a page appears to a particular user.
  
  <P>The sites where this poses the most potential danger are sites
  where users have some type of account or login and where they can
  perform actions with real world implications or access data that
  should not be publicly available.  This security problem poses a
  serious threat to such sites; it isn't necessary to break into the
  server to take control of a site if instead you can gain access on
  the user's end of things.
  
  <H2>Ok, where is the Apache related information?</H2>
  
  <P>Right here:
  
  <UL>
  <LI><A HREF="apache_specific.html">Apache HTTP server specific information</A>
  <LI>Apache 1.3.12, which provides some protection against certain instances of
   this problem.
  <LI>Older <A HREF="apache_1.3.11_css_patch.txt">Apache patch</A> against
  1.3.11 that addressed the known issues in that version of Apache.
  <LI><A HREF="encoding_examples.html">Encoding Examples</A> page, describing
  how to properly encode your output to protect against this problem using
  common Apache related technologies, such as Apache modules, Perl, 
  and PHP.
  </UL>
  
  <H2>The Future</H2>
  
  <P>We do not expect this to be the last word on methods of exploiting
  this problem.  It is likely that there will be more changes to Apache in
  the future to help users deal with this issue, even if no more bugs are
  found in Apache itself.  Although we do provide most of the necessary
  information for sites to protect themselves against this type of attack,
  there are still many open issues associated with this issue.  
  
  <P>We realize that this is a complex issue and expect to update these 
  pages to describe the issues and fixes in more depth as time permits.
  
  <H2>Why the name "Cross Site Scripting"?</H2>
  
  <P>This issue isn't just about scripting, and there isn't necessarily 
  anything cross site about it.  So why the name?  It was coined earlier
  on when the problem was less understood, and it stuck.  Believe me, we
  have had more important things to do than think of a better name.
  &lt;g&gt;.
  
  <H2>Comments and Suggestions</H2>
  
  <P>You can send any comments or suggestions about this set of pages to 
  <A HREF="mailto:marc@apache.org">marc@apache.org</A>.  Note that I
  can not respond to questions or requests for assistance, so if that is
  what you are about to send then please save yourself the effort.
  
  <H2>Change History</H2>
  <UL>
  <LI>Wed Feb  2 01:06:01 MST 2000: initial revision.
  </UL>
  
  <H2>Thanks</H2>
  Thanks to <A HREF="http://www.cert.org/">CERT</A> for contacting the 
  Apache Software Foundation and not only allowing us to participate
  in the evaluation and release of this issue, but actively supporting
  our participation.  We would also like to thank <A
  HREF="http://www.microsoft.com/">Microsoft</A> for their research and
  cooperation in dealing with this issue.
  
  </BODY>
  </HTML>
  
  
  

Mime
View raw message