Return-Path: 
 <new-httpd-return-3181-apmail-new-httpd-archive=apache.org@apache.org>
Delivered-To: apmail-new-httpd-archive@apache.org
Received: (qmail 41886 invoked by uid 500); 1 May 2000 13:31:09 -0000
Mailing-List: contact new-httpd-help@apache.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
Reply-To: new-httpd@apache.org
list-help: <mailto:new-httpd-help@apache.org>
list-unsubscribe: <mailto:new-httpd-unsubscribe@apache.org>
list-post: <mailto:new-httpd@apache.org>
Delivered-To: mailing list new-httpd@apache.org
Received: (qmail 41874 invoked from network); 1 May 2000 13:31:09 -0000
Date: Mon, 1 May 2000 10:09:14 +0200
From: "Ralf S. Engelschall" <rse@engelschall.com>
To: modssl-users@modssl.org
Subject: Re: Apache 2.0 API and mod_ssl
Message-ID: <20000501100914.A86387@engelschall.com>
References: <0A2FDC11F692D311AA730008C7B161F2CCE9AD@exbhbhmb04.us.dbisna.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.1.12i
In-Reply-To: 
 <0A2FDC11F692D311AA730008C7B161F2CCE9AD@exbhbhmb04.us.dbisna.com>;
 from ZakonS@eccelerate.com on Sun, Apr 30, 2000 at 04:49:01PM -0400
Organization: Engelschall, Germany.
X-Web-Homepage: http://www.engelschall.com/
X-PGP-Public-Key: https://www.engelschall.com/ho/rse/pgprse.asc
X-PGP-Fingerprint: 00 C9 21 8E D1 AB 70 37 DD 67 A2 3A 0A 6F 8D A5
Sender: jim@jaguNET.com
Reply-To: modssl-users@modssl.org
X-Sender: "Ralf S. Engelschall" <rse@engelschall.com>
X-List-Manager: Majordomo [version 1.94.4]
X-List-Name: modssl-users
X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N

On Sun, Apr 30, 2000, Zakon, Stuart wrote:

> Are there any sources which describe how the Apache 2.0 API
> will affect future mod_ssl integration?
> 
> In particular we are interested in how the EAPI might be affected
> since we are currently implementing a module which leverages
> the client 'hooks' in the EAPI.

The Apache 2.0 API is still horribly in flux (and IMHO still far away
from a real and clean API on which one can count). So it is even still
not clear to myself how the Apache 2.0 API and Apache 2.0 itself will
finally affect the future of mod_ssl. At this point I'm myself still not
convinced that Apache 2.0 actually has a reasonable future at all :-(

Apache 2.0 already contains partial functionality which can replace
EAPI, but not all of EAPI. We could add the remaining EAPI functionality
to Apache 2.0, or rewrite mod_ssl to no longer provide functionality
which is now based on EAPI, or ignore the Apache 2.0 issue at all and
stick with Apache 1.3. Which way we go is still not clear. Perhaps there
are more possibilities I've still not recognized. We will see...

The whole decisions have to be delayed until Apache 2.0 settled a lot
more and especially until the politics behind Apache 2.0 become more
clear (especially the involvement and intentions of some vendors).
Because at this stage it is far away from clear where Apache 2.0 will go
and why it goes this way (I know that some of us will not agree with my
point of view here).

There are issues in the Apache 2.0 development which we have to still
observe before implications can be made (like the fact that more and
more non-Unix platforms are worked on while focus on Unix flavors
decreases dramatically; the fact that important technologies like
Autoconf and DSO are used too thoughtless and without enough care; the
fact that the 2.0 API will be as unclean as the 1.3 API because people
have no priority on creating a well-thought out API, etc.). So currently
IMHO it is a pure waste of manpower to pre-port mod_ssl to Apache 2.0,
because it would end in a maintainance desaster until a 2.0 release
version is available. And because of the same reasons I still cannot
give you a reasonable statement how Apache 2.0 will affect the future of
mod_ssl. I've a few plans for mod_ssl under my desk, but nothing I can
share in public.

The only point on which you can count is the same as the point I count
on: If you program with EAPI, you can be sure that both your module
will run the next 12 months without problem (because Apache 2.0 will
certainly require this time until it is ready for production) and that
guidelines to convert from EAPI to Apache 2.0 API will be available
later, too. And you can be sure that mod_ssl will exist in the future,
too ;)

Yours,
                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com

    I don't know if it's what you want, but it's what you get.
               -- Larry Wall
    What you see is all you get.
               -- Brian Kernighan

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majordomo@modssl.org