From owner-freebsd-chat Tue Dec 16 22:50:02 1997 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.7/8.8.7) id WAA16077 for chat-outgoing; Tue, 16 Dec 1997 22:50:02 -0800 (PST) (envelope-from owner-freebsd-chat@FreeBSD.ORG) Received: from misery.sdf.com (misery.sdf.com [204.244.210.193]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id WAA16037 for ; Tue, 16 Dec 1997 22:49:51 -0800 (PST) (envelope-from tom@sdf.com) Received: from tom by misery.sdf.com with smtp (Exim 1.73 #1) id 0xiD7Q-0001Rp-00; Tue, 16 Dec 1997 22:38:08 -0800 Date: Tue, 16 Dec 1997 22:38:07 -0800 (PST) From: Tom To: Charles Mott cc: chat@FreeBSD.ORG Subject: Re: Support for secure http protocols In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 16 Dec 1997, Charles Mott wrote: > > Suggestion? Go SSL. It is standard now. It can be used for > > many protocols, as it can encapsulate nearly socket type date (stands for > > "secure sockets layer"). > > I'll look at the standard. I'm no expert, but I can feel the weight of > logic and clear reasoning crashing against my ssh suggestion. If somehow > SSL could be separated from end-use applications (maybe an ssld comparable > to inetd for processing and directing traffic) that would be nice. You could always write one. The SSLeay library is kinda cool too. You can take some existing sockets based application, and change the calls to use the lib, and presto, it has become secure (maybe not that simple, but you get the idea). See material on the SSLeay (though probably illegal in the US, you probably want the RSAref library). See the apache-ssl port as an example. > Charles Mott Tom