[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: SSL in KDE going forward
From:       Brad Hards <bradh () frogmouth ! net>
Date:       2011-06-10 5:04:16
Message-ID: 201106101504.16682.bradh () frogmouth ! net
[Download RAW message or body]

On Thu, 9 Jun 2011 06:12:22 AM Richard Moore wrote:
> http://developer.qt.nokia.com/wiki/Improving_Qts_SSL_Support
Looks fairly complete to me. I'm not sure renegotiation info is all that 
niche, but its all a matter of perspective.

> If you know something that is needed for KDE but isn't listed then let me
> know.
I don't know about "needed", but an open-ended API for handling the underlying 
API plus TLS extensions (i.e. the rest of RFC4366) might be useful. I haven't 
really thought this through, but things along the lines of
- is this capability / extension supported?
- here is some key/value pair (or set of pairs)
- can I have the value for this key (or set of keys)

While thinking about this, it occurred to me that perhaps SSL (or TLS) is not 
the only question in this area. Does KDE also need other auth support (I know 
about the NTLM stuff, and Thiago has indicated that there is planned support 
for Kerberos: http://bugreports.qt.nokia.com/browse/QTBUG-1538), but maybe the 
smart people can figure out a generalised approach to authentication?

> ps. designing a new non-SSL based infrastructure for online
> transactions is out of scope.#
wuss :-)

Brad
[prev in list] [next in list] [prev in thread] [next in thread]