[Twisted-web] Dynamic SSL context
James Y Knight
foom at fuhm.net
Thu Aug 18 22:43:22 MDT 2005
On Aug 18, 2005, at 2:10 PM, Jason Fritcher wrote:
> Jp Calderone wrote:
>
>> There are some experiments that add STARTTLS-like functionality to
>> HTTP,
>> but as far as I know, none are widely (>0.1% of clients) supported.
>>
>
> Apache 2.1/2 is implementing RFC 2817, Upgrading to TLS Within HTTP/
> 1.1.
> So atleast there is a standard for doing so now.
Ugh. That standard has been around for a while now. However, it's
broken and will never be implemented in browsers. I hope. Cause, even
if it is, it's completely broken in the face of proxies. I'm
surprised apache bothered to implement it.
See also the thread <http://jis.mit.edu/pipermail/saag/
2001q4/000253.html>
Especially also this message: <http://jis.mit.edu/pipermail/saag/
2001q4/000265.html>
Ah, I see in the bug report requesting the behavior the original for
apache they say they just committed it because they were going to
change other things and didn't want to lose the patch (but I can't
imagine why not, really...) <http://issues.apache.org/bugzilla/
show_bug.cgi?id=14703>
James
More information about the Twisted-web
mailing list