httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arturo 'Buanzo' Busleiman <>
Subject Re: Introducing mod_enigform.
Date Tue, 10 Apr 2007 14:38:56 GMT
Hash: SHA512

Hi Karl, thanks for your input:

Karl Southern wrote:
> This might be off at a bit of a tangent, but I'd love to test this out
> and I'd be interested in seeing some sort of provision for redirection
> or something, if the signing isn't available. Possibly a little out of
> scope as this is achievable through  mod_rewrite.

Well, I guess it wouldn't be difficult to add a parameter to specify a redirection
url for certain cases. Like, an url to redirect when request is not signed, another when
verification fails, but in any case I'm adding some headers to the request, that can
tell a web application (or other modules) verification status, etc. Of course, my module remove
any of those headers from incoming requests, to avoid spoofing.

> What I'd really love to see is support for mod_dbd, etc. so that keys
> could be stored in a database and yanked from there.

Never heard of it. Could you contact me offlist, or onlist if appropaite, so we can discuss

> Also off at a giant tangent, is there any plans for a signed response in
> the specs (I assume this would require a fully buffered response, which
> would be rather "expensive")? If so, any plans on this module supporting
> that?

Signing responses it's a matter of adding the required headers to the outgoing reply, so,
as long as
they're added before any other output, no buffering seems necessary (at least from an 'outside
modules' perspective. I guess that would probably fall into another module, or in a PHP Class,

- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Foros GNU/Buanzo: Respeto, Soluciones y Buena Onda:
Consulting and Secure Mail Hosting:
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


View raw message