httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Ruggeri <>
Subject A review of SSL docs WAS Re: A proposal from Symantec for cleaning up the SSL-related documentation for Apache's HTTPD
Date Wed, 04 Apr 2012 23:20:48 GMT
On 4/4/2012 8:39 AM, Rich Bowen wrote:
> Here's what I'd like to see happen, personally.
> * A review of the existing SSL sub-tree
> ( for both content and
> structure, and a recommendation of how it could be better structures
> (ie, a T.O.C. for that subtree)
> * Prose for the various "chapters" in that section.

I have reviewed these docs, Rich, and have some notes to provide. I'd
like if other folks would have a look, too, so we can maybe get things
in good shape sooner rather than later. I'm ready to move on a few
things but would like to get consensus on two things below... - The examples are
still valid in today's world. I'm not sure if this particular doc is the
place.... but having SSL proxy examples would also be helpful since all
of those directives actually come from mod_ssl (and there are pointers
in the proxy doco to mod_ssl). Thoughts? - No rubbish here.
I think this document is outstanding. - This document
may no longer be relevant. There have been so many changes since
creation that I think this doc could be scrapped or repurposed to
discuss integration issues only. Some examples would include notes about
older browsers and supported levels of crypto, the emergence of TLS1.1,
SNI and compatible browsers, OCSP, etc. I'm willing to take a whack at
it and will write a bug to make myself do it in the coming days if the
list agrees. - Could use a
general refreshing... most of the content isn't bad, but it could stand
to be reorganized. Does anyone else kind of feel like this kind of
document would be better served as a wiki article?

By the way, great job on these docs. SSL is a tough topic and I think
there is more than enough content here to get someone going and keep
them going for a while. It reads like an expert wrote it for fledgeling
server admin and I'm not sure I agree with a lot of the assertions made
about the content recently.

Daniel Ruggeri

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message