httpd-docs mailing list archives

From "Kyle Hamilton" <kya...@kyanha.net>
Subject Re: Documentation for Apache httpd SSLVerifyClient considered harmful
Date Wed, 18 Apr 2012 04:34:40 GMT

On Tue, Apr 17, 2012 at 7:26 PM, Eric Covener <covener@gmail.com> wrote:
> Can you elaborate on the suggested update then?  Or do you think the
> list of options stands on its own?

The list stands enough on its own that it doesn't need extensive treatment.  The only thing
I request is that the paragraph that starts with "In practice only" be removed.

For the existing admin, changing the descriptions in the documentation isn't going to make
the labels any more or less self-descriptive or change the way their existing applications
authenticate.  Meanwhile, the new admin will have the same reference documentation that other
admins have successfully deployed with, but without the prejudice as to optional_no_ca utility.

I think that the deficiencies in the mod_ssl documentation would be best addressed with a
complete rewrite, and Symantec (no affiliation) is offering to do just that.  Geoff Noakes
has set up a conference call next Monday (April 23) 1pm-2pm PDT on the topic, and I would
prefer to address the specifics at that time.

I will happily provide technical review if that's the only thing that would stand in the way
of the contribution.  I've been working with mod_ssl since before Wassenaar in 1998, before
it was officially part of httpd.

-Kyle H