From owner-freebsd-hackers  Tue Dec 16 21:20:18 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id VAA10188
          for hackers-outgoing; Tue, 16 Dec 1997 21:20:18 -0800 (PST)
          (envelope-from owner-freebsd-hackers)
Received: from misery.sdf.com (misery.sdf.com [204.244.210.193])
          by hub.freebsd.org (8.8.7/8.8.7) with SMTP id VAA10138;
          Tue, 16 Dec 1997 21:20:05 -0800 (PST)
          (envelope-from tom@sdf.com)
Received: from tom by misery.sdf.com with smtp (Exim 1.73 #1)
	id 0xiBia-0001Pr-00; Tue, 16 Dec 1997 21:08:24 -0800
Date: Tue, 16 Dec 1997 21:08:24 -0800 (PST)
From: Tom <tom@sdf.com>
To: Charles Mott <cmott@srv.net>
cc: chat@freebsd.org, softweyr@xmission.com, hackers@freebsd.org,
        isp@freebsd.org
Subject: Re: Support for secure http protocols
In-Reply-To: <Pine.BSF.3.96.971216195732.6298A-100000@darkstar.home>
Message-ID: <Pine.BSF.3.95q.971216210514.5409A-100000@misery.sdf.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


On Tue, 16 Dec 1997, Charles Mott wrote:

> "anonymous" ssh server on the web server, and then have the client

  Except that this does not deal with authentication.  This is what the
SSL certificate system does for you.

  Suggestion?  Go SSL.  It is standard now.  It can be used for
many protocols, as it can encapsulate nearly socket type date (stands for
"secure sockets layer").

  You can get apache-ssl from ports.  Get a certificate from a
certificate granting authority (ex.  Verisign), and your done.  Works with
all standard browser now.

Tom