[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV progress on user certificate support for Lynx
|
From: |
nospam-seesignature |
|
Subject: |
Re: LYNX-DEV progress on user certificate support for Lynx |
|
Date: |
Fri, 25 Jul 1997 16:11:38 -0400 |
On Fri, 25 Jul 1997, Bruce R. Lewis wrote:
> At this point, our main priority is making something stable and well
> tested available for students this fall, but we're still interested in
> what will expedite integration of the changes into some "mainstream"
> distribution, e.g. Fote's SSL mods. If you have suggestions, please
> send them to the lynx-dev list. I will be away from e-mail for a week,
> but Emil will see them and others on lynx-dev can add to them.
For user certs to be trusted, you need to obtain them via a secure and
authenticated channel (to prevent man-in-the-middle attacks). Unless you
are mailing them using PGP or some other secure mailer, you need to
implement full SSL even if only for this one transaction.
The only thing I would worry about is segregating the code enough so that
a diff from your inital starting code would apply somewhat cleanly to the
development distributions (fotemods and 2-7-1-ac-40 or whatever).
The other suggestion would be to publish the diff in an MIT magazine in
the form that the PGP source is (the utils PGP used should be available
publically soon), so that they could be scanned in outside the US, and
then it would be a matter of importing (download 2-7-1 locally, then
mitcert from somewhere (and the latest SSLeay), and apply devpatches, and
then compile).
--- reply to tzeruch - at - ceddec - dot - com ---
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;