httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <>
Subject Re: agent-based framework for httpd private keys
Date Sun, 09 Feb 2014 11:07:36 GMT

Am 09.02.2014 08:15, schrieb Kaspar Brand:
> On 07.02.2014 01:58, Daniel Kahn Gillmor wrote:
>> As part of the goal of dropping encrypted private key support, have you
>> considered using an agent-based framework for private keys?
> I haven't, no, since an important aspect of that goal is to reduce
> complexity in code. Dropping ssl_load_encrypted_pkey and friends from
> trunk amounts to a reduction of about 5% of mod_ssl's ~15,000 LoC right now

may i notice as server-admin that i am not willing to run whatever agent
additional on headless machines and most admins out there do the same

first rule:  stop and disable anything
second rule: now enable the things you really need
third rule:  consider to replace software which pulls to much here

View raw message