Return-Path: Delivered-To: new-httpd-archive@hyperreal.org Received: (qmail 11729 invoked by uid 6000); 4 Feb 1999 14:45:50 -0000 Received: (qmail 11722 invoked from network); 4 Feb 1999 14:45:48 -0000 Received: from slarti.muc.de (193.174.4.10) by taz.hyperreal.org with SMTP; 4 Feb 1999 14:45:48 -0000 Received: (qmail 27104 invoked by uid 66); 4 Feb 1999 14:46:43 -0000 Received: from en by slarti with UUCP; Thu Feb 4 14:46:43 1999 -0000 Received: by en1.engelschall.com (Sendmail 8.9.2) for new-httpd@apache.org id PAA05362; Thu, 4 Feb 1999 15:43:07 +0100 (CET) Date: Thu, 4 Feb 1999 15:43:06 +0100 From: "Ralf S. Engelschall" To: Apache Group Developer ML Subject: ANNOUNCE: mod_ssl 2.2 Message-ID: <19990204154306.A5290@engelschall.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.1i Organization: Engelschall, Germany. X-Web-Homepage: http://www.engelschall.com/ X-PGP-Public-Key: https://www.engelschall.com/ho/rse/pgprse.asc X-PGP-Fingerprint: 00 C9 21 8E D1 AB 70 37 DD 67 A2 3A 0A 6F 8D A5 Sender: new-httpd-owner@apache.org Precedence: bulk Reply-To: new-httpd@apache.org As always, I just announce major revisions and not minor patchlevels to not annoy people with announcements every week. But now that the third mod_ssl development cycle was entered it's again my pleasure to announce the new version: mod_ssl 2.2. I just want to remind you to look at the latest developments in the `SSL support for Apache' area when you've still not done this in the past. The major new thing in mod_ssl 2.2 is the ability for per-directory context reconfiguration of SSL parameters. It's an interesting concept because it's implemented by forced SSL renegotiations between the HTTP request and the HTTP response. When you're interested in such stuff, have a look at it. The official announcement text follows... _ _ _ __ ___ ___ __| | ___ ___| | | '_ ` _ \ / _ \ / _` | / __/ __| | | | | | | | (_) | (_| | \__ \__ \ | ``mod_ssl combines the flexibility of |_| |_| |_|\___/ \__,_|___|___/___/_| Apache with the security of SSLeay.'' |_____| ``Ralf Engelschall has released an mod_ssl - Apache Interface to SSLeay excellent module that integrates http://www.engelschall.com/sw/mod_ssl/ Apache and SSLeay.'' Version 2.2 -- Tim J. Hudson, SSLeay co-author This Apache module provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols by the help of the SSL/TLS implementation library SSLeay from Eric A. Young and Tim J. Hudson. The mod_ssl package was created in April 1998 by Ralf S. Engelschall and was originally derived from software developed by Ben Laurie for use in the Apache-SSL HTTP server project. As a summary, here are its main features: o Open-Source software (BSD-style license) o Useable for both commercial and non-commercial use o Available for both Unix and Win32 platforms o 128-bit strong cryptography world-wide o Support for SSLv2, SSLv3 and TLSv1 protocols o Clean reviewable ANSI C source code o Clean Apache module architecture o Integrates seamlessly into Apache through an Extended API (EAPI) o Full Dynamic Shared Object (DSO) support o Support for the SSLeay+RSAref US-situation o Advanced pass-phrase handling for private keys o X.509 certificate based authentication for both client and server o Support for per-URL renegotiation of SSL handshake parameters o Support for explicit seeding of the PRNG from external sources o Additional boolean-expression based access control facility o Backward compatibility to other Apache SSL solutions o Inter-process SSL session cache o Powerful dedicated SSL engine logging facility o Simple and robust application to Apache source trees o Fully integrated into the Apache 1.3 configuration mechanism o Additional integration into the Apache Autoconf-style Interface (APACI) o Assistance in X.509 v3 certificate generation For more details about mod_ssl please visit its net locations under: http://www.engelschall.com/sw/mod_ssl/ ftp://ftp.engelschall.com/sw/mod_ssl/ Ralf S. Engelschall rse@engelschall.com www.engelschall.com