1995-09-23 - Re: “Gnusaic”? Why not a Gnu-Style Web Browser?

Header Data

From: hallam@w3.org
To: Stephan Somogyi <cypherpunks@toad.com
Message Hash: 0ceadb9bd830802e39b269924ec5c865a5131f423d28c87b3362224d988a9f65
Message ID: <9509230442.AA07912@zorch.w3.org>
Reply To: <v03003400ac88a55e4e4b@[198.93.25.99]>
UTC Datetime: 1995-09-23 04:42:57 UTC
Raw Date: Fri, 22 Sep 95 21:42:57 PDT

Raw message

From: hallam@w3.org
Date: Fri, 22 Sep 95 21:42:57 PDT
To: Stephan Somogyi <cypherpunks@toad.com
Subject: Re: "Gnusaic"? Why not a Gnu-Style Web Browser?
In-Reply-To: <v03003400ac88a55e4e4b@[198.93.25.99]>
Message-ID: <9509230442.AA07912@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain



>Has anyone already created the necessary patches for Apache
><http://www.apache.org/>, or does anyone know whether the Apache dev
>team would be amenable to including conditional directives to allow the
>build of a secure version? If anyone is thinking of making the effort
>to create a publicly available secure server, Apache's probably the
>best source base to work with.

I can't speak for Apatche but we have two of the developers in the building 
here.  From what they have said security patches would be wellcomed with open 
arms. If anyone wants to do the same for the CERN server, we can roll it out 
through W3C likewise.

The real issue though would be whetehr there was confidence in the security of 
the system. Simply bolting SSL in in a cack handed manner would not cut it IMHO. 
Basically I would not recommend a release of such a system to the Apatche group 
unless a I was happy with the security of the whole system. This may well 
involve a number of fixes in the rest of the code.

I'm also very interested if anyone wants to brave S-HTTP, there is a public 
domain version in production. Basically the more people want to work on this 
type of stuff the better.

The main hassle is in programming the authorization stuff however... don't 
underestimate the amount of work involved in doing a good job there.

	Phill




Thread