httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gonyou, Austin" <aus...@coremetrics.com>
Subject RE: mod_tls
Date Thu, 23 Aug 2001 20:51:33 GMT
Agreed. Thanks for all the thoughts!

-- 
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-796-9023
email: austin@coremetrics.com 

> -----Original Message-----
> From: Ryan Bloom [mailto:rbb@covalent.net]
> Sent: Thursday, August 23, 2001 11:57 AM
> To: dev@httpd.apache.org; MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
> Subject: Re: mod_tls
> 
> 
> 
> Probably, but renames are a PITA.
> 
> Ryan
> 
> On Thursday 23 August 2001 09:47, MATHIHALLI,MADHUSUDAN 
> (HP-Cupertino,ex1) wrote:
> > Ok.. So, what you mean is to have 2 modules - (1). mod_ssl 
> to implement the
> > HTTPS stuff, and (2). mod_tls which does just the SSL 
> filtering. That's
> > great !!..
> >
> > So, in that case, is it worthwhile to rename mod_tls to 
> something like
> > ssl_filter and mod_ssl to mod_https ?..
> >
> >
> > Thanks
> > -Madhu
> >
> >
> > -----Original Message-----
> > From: Ryan Bloom [mailto:rbb@covalent.net]
> > Sent: Thursday, August 23, 2001 9:37 AM
> > To: dev@httpd.apache.org; MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
> > Subject: Re: mod_tls
> >
> >
> >
> > Because mod_ssl only implements the SSL wrapping for HTTP.  
> The idea is
> > that the filters go in mod_tls, and mod_ssl just has the 
> logic to make the
> > filters work
> > for HTTP.  That way, SSL can work with POP3, NNTP, and the proxy.
> >
> > Ryan
> >
> > On Thursday 23 August 2001 09:33, MATHIHALLI,MADHUSUDAN 
> (HP-Cupertino,ex1)
> >
> > wrote:
> > > Why ?..I see mod_ssl as a superset of mod_tls.. Both 
> mod_tls and mod_ssl
> > > are capable of SSL & TLS protocol comm., and they both 
> use the same
> >
> > utility
> >
> > > (OpenSSL) for achieving it..
> > > (AFAIK, mod_ssl goes a step further by being compatible 
> with SSL-C).
> > >
> > > The only reason why mod_tls has to be maintained (if at 
> all) is because
> > > it's a lot simple to understand and easier to manipulate..
> > >
> > > Just my thoughts..
> > > -Madhu
> > >
> > > -----Original Message-----
> > > From: Ryan Bloom [mailto:rbb@covalent.net]
> > > Sent: Thursday, August 23, 2001 7:55 AM
> > > To: dev@httpd.apache.org; Greg Ames
> > > Subject: Re: mod_tls
> > >
> > >
> > >
> > > At some point, the mod_ssl filters should be removed from 
> mod_ssl, and
> > > put into mod_tls.  That way, the same filters can be used 
> for the proxy,
> > > and other
> > > protocols, without the mod_ssl wrapper stuff.
> > >
> > > Ryan
> > >
> > > On Thursday 23 August 2001 06:41, Greg Ames wrote:
> > > > Cliff Woolley wrote:
> > > > > I'm sure this has been discussed, but someone please 
> remind me what
> >
> > was
> >
> > > > > decided.  Are we going to continue to maintain 
> mod_tls?  I'm sure
> >
> > there
> >
> > > > > are some changes that have been made to mod_ssl that 
> would need to be
> > > > > ported over to mod_tls if we are.
> > > >
> > > > <disclaimer: definately not an expert on this stuff>
> > > >
> > > > I believe mod_tls is a layer that isolates mod_ssl from 
> the filter
> > > > chain in 2.0.  So we need both.  If someone wrote an 
> alterative to
> > > > mod_ssl, presumably that would use mod_tls as well.
> > > >
> > > > Greg
> 
> -- 
> 
> ______________________________________________________________
> Ryan Bloom                        	rbb@apache.org
> Covalent Technologies			rbb@covalent.net
> --------------------------------------------------------------
> 

Mime
View raw message