lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Update on SSL and Lynx


From: Foteos Macrides
Subject: Re: LYNX-DEV Update on SSL and Lynx
Date: Sun, 08 Dec 1996 19:11:45 -0500 (EST)

Subir Grewal <address@hidden> wrote:
>I'd appreciate an update on the status of SSL capability for Lynx.  I know
>we spoke a few weeks ago about the possibility of hosting Tom's patch in
>Canada, and there was a brief discussion between Fote and Tom to
>synchronise SSL capability.  Since I haven't been able to build 2.6 +
>composite on the three OSs I have access to (two SunOS 4.1.3s, an Ultrix
>system and a VAX-VMS) I don't know whether SSL is in the composite, I
>think not, though I recollect something flying past me that suggested Fote
>had put up a SSL-capable binary at WFBR.  So what exactly is the situation
>right now?  I know Tom is still working on finding a safe home for the
>proxy code, and clarifying the legal issues.  I added a little section to
>the patches page saying the SSL patch itself had been withdrawn and Tom
>was advocating the proxy solution (which seems very elegant to me as
>well), but nothing further.  I have recieved enquiries over the past week
>though.  

        I don't think there is any good answer to this.  I have a
lynx2-6ssleay.zip replacement file set, as discribed in the appended
SSLeay.announce, and I've been emailing it uuencoded to people who
asked with a statement that they are US or Canadian citizens and
don't plan to misuse it.  Tom also has it, and can include it with
his "hook-less Lynx" daemon for people who send him the equivalent
statement.  I'm not a lawyer, either, but I think it could be provided
from somewhere or other based on a form people fill out to provide
those statements.  I can't set up anything like that here, and don't
know if anyone else wants to step into the quagmire and do it.  I update
the zip whenever HTAAUtils.c, HTFormat.c, HTNews.c or HTTP.c are modified,
which isn't often, but were on the 7th.

                                Fote

=========================================================================
 Foteos Macrides            Worcester Foundation for Biomedical Research
 address@hidden         222 Maple Avenue, Shrewsbury, MA 01545
=========================================================================

                                07-Dec-1996

        Lynx has HTTPS, SNEWS and CONNECT support via patches or
replacement files for the general distribution.  It currently is based
on the SSLeay crypto and SSL libraries, whose distribution and use
are restricted by licenses and state and US laws and regulations as
described in:

   Linkname: SSLeay: SSLeay and SSLapps FAQ
        URL: http://psych.psy.uq.oz.au/~ftp/Crypto/

        The original implementation of HTTPS support in Lynx was done
by Lou Montulli (address@hidden) for lynx2-3-8, using the RSA
encryptions library and Netscape SSL library.  Fote Macrides adapted
that to lynx2-4-FM, and used it as a model for adding the SNEWS support.
Fote also added CONNECT support (for tunneling HTTPS and SNEWS requests
and documents through proxy servers), based on discussions with Ari
Luotonen (address@hidden) about the procedure and his patch for
implementing CONNECT support in the CERN proxy server.  The hooks for
SSL support subsequently had to be removed from the general Lynx
distribution to avoid problems related to US Export Law restrictions.
 
        Tom Zerucha (address@hidden) subsequently adapted the hooks
for use with the SSLeay libraries, and had been maintaining them
as a patch set available to qualified recipients via:

        http://www.mich.com/~thomas/ftp/lynxpatches

for application to the Lynx general distributions.

        The December 7, 1996 SSL hook replacement file set is
Fote's adaptation of Tom's patch set for use with Lynx2-6 and
Fote's general replacement file set through that date.  The SSL
hook replacement files are:

         HTAAUtils.c, HTFormat.c, HTNews.c and HTTP.c

in the lynx2-6/WWW/Library/Implmentation subdirectory (which contain
the hooks).  A replacement for the top-level Makefile for Unix, and
lynx2-6/buildssl.com and lynx2-6/WWW/Library/vms/libmakessl.com files
for VMS, also are included.  Read the Makefile or .com files for more
information about building an SSL-capable Lynx.

        Updates of the SSL hooks are needed *only* if one or more
of the above four C modules (or Unix Makefile or VMS .com files)
change.

        Note that  to avoid patent problems in the US, SSLeay should
be made using RSAREF.  SSLeay has documentation on how to do this.
Also see the comments on SSL_LIBS in the Makefile.
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;

reply via email to

[Prev in Thread] Current Thread [Next in Thread]