(another) WebKit port of Browse

Carol Lerche cafl at msbit.com
Tue Jul 8 01:03:46 EDT 2008


Allowing the null encryption algorithm in the browser would enable it for
other later negotiations, which seems an unnecessary exposure to suppress
the encryption for a single small https exchange.  But it would certainly be
possible.

On Mon, Jul 7, 2008 at 9:44 PM, <david at lang.hm> wrote:

> On Mon, 7 Jul 2008, Martin Langhoff wrote:
>
>  On Mon, Jul 7, 2008 at 7:20 PM, Carol Lerche <cafl at msbit.com> wrote:
>>
>>> Why does automatic authentication require a custom browser?  Client
>>> certificates work well for this function in ordinary web applications
>>> (assuming a properly configured server).
>>>
>>
>> I haven't delved into this deeply yet, but I suspect that, while I am
>> fond of client certs, they won't work - SSL network and CPU overhead
>> and sidestepping PKI madness for server certs. More on this when I get
>> to implement it.
>>
>
> what about using client certs, but then null encryption after that? it's a
> non-standard config, but that's just a config option, not code changes.
>
> David Lang
>
>
>  Now, anyone who wants to have a strong say on how I am developing this
>> is free to start implementing it ahead of me, and showing me some
>> fantastic patches :-)
>>
>> cheers,
>>
>>
>>
>> m
>>
>>


-- 
Frisbeetarianism is the belief that when you die, your soul goes up on the
roof and gets stuck -- George Carlin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/devel/attachments/20080707/008e7d5e/attachment.html>


More information about the Devel mailing list