Re: Netscape Server security question...

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Scott Lawrence: "HTTP Interoperability Test 10-30"
• Previous message: Turner, Randy: "Netscape Server security question..."
• Maybe in reply to: Turner, Randy: "Netscape Server security question..."

Turner, Randy wrote:
> 
> Sorry to bother the list with this non-HTTP related question, but I was
> hoping to find major HTTP server implementers on the list that are using
> SSL3 to secure documents. This is an SSL3-related question. The
> Internet Printing Protocol (IPP) working group is considering requiring
> SSL3/TLS framing for negotiating security for internet printing. The
> minimal level of security that is required is basically NULL security.
> That is, to be compliant, a client or server must use TLS framing with
> support for SSL3 compatibility, and the minimum level of security that
> must be supported is NONE.
> 
> My question is if someone implements IPP as an ISAPI, NSAPI, or CGI
> backend service, will the generic HTTP 1.1 server accept or allow
> negotiation down to NULL security (the way the TLS document
> suggests...).

Apache-SSL will.

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache

• Next message: Scott Lawrence: "HTTP Interoperability Test 10-30"
• Previous message: Turner, Randy: "Netscape Server security question..."
• Maybe in reply to: Turner, Randy: "Netscape Server security question..."