On 02/02/11 23:48, Gervase Markham wrote:
Sounds technically plausible - we can possibly require all the security groupt to use Firefox 4 - but seems like it would require some serious Apache mod_ssl hacking.
Not necessarily - Bugzilla could, for those accounts, instead of generating the session token, do a redirect to a different url (that had the different apache mod_ssl config options) as a second step.
You'd break xml-rpc stuff that way unless you were a bit careful, though (eg checking if the cert was provided unprompted somehow?)
Bradley -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
