[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: TLS upgrades
From:       George Staikos <staikos () kde ! org>
Date:       2007-07-31 20:48:59
Message-ID: 482555E3-8303-4571-9A07-335994880341 () kde ! org
[Download RAW message or body]


On 24-Jul-07, at 10:48 AM, William A. Rowe, Jr. wrote:

> Josef Spillner wrote:
>> Funny deadlock:
>> - HTTP 1.1+TLS upgrade is supported by Apache httpd now (using  
>> SSLEngine
>> optional), but untested since "no browser supports it"
>> - it's also supported by Konqueror by means of kio_http, but untested
>> since "there's no server to test"
>>
>> Is anyone still working on this feature?
>
>
> Browser-wise, not that I'm aware of.  Because it's negotiated,  
> nobody has
> develped the UI-solution to represent the availability and optional  
> nature
> of the interface.

   Why don't we just "do it"?  I see no need to pester the user about  
this.

> If server insists on it, there is still the lingering question of  
> seeing
> 'strong lock' secured labels while presenting an http: (not https:)  
> URL.
> It cannot be represented as https: as that is an implicit port 443:.

    I would defer to W3C and upcoming recommendations regarding this.

--
George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/



[prev in list] [next in list] [prev in thread] [next in thread]