The referrence here is one about all the filters used by apache 2.0. If
there is a filter bucket in APR, it's understandable that Apache 2.0 modules
will have 2 parts. The logic piece and the filter piece. As far as I can
tell, the filter mechanism allows for some distinct advantages and makes for
a very flexible configuration framework. My issue here is that if mod_tls is
sacrificed, then what's the point of using filters at all anyway? That said,
could it be said that you CAN write a module for Apache 2.0 without needing
the use of filters? If so, then that makes sense.
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-796-9023
email: [EMAIL PROTECTED]
> -----Original Message-----
> From: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
> [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 28, 2001 9:39 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: mod_tls
>
>
> 'not sure what you mean by "entire filter scheme" - if you're
> referring to
> the proposal to seperate the HTTPS and the SSL filter logic -
> I'd rather
> prefer to leave SSL as it is (especially if it works with
> other protocol
> modules)..
>
> Thanks
> -Madhu
>
> -----Original Message-----
> From: Gonyou, Austin [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 28, 2001 1:08 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: mod_tls
>
>
> Kewl. Less maintenance all around. Is the entire filter
> scheme doomed like
> this though?
>
> --
> Austin Gonyou
> Systems Architect, CCNA
> Coremetrics, Inc.
> Phone: 512-796-9023
> email: [EMAIL PROTECTED]
>
> > -----Original Message-----
> > From: Ryan Bloom [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, August 28, 2001 1:58 AM
> > To: [EMAIL PROTECTED]; Doug MacEachern
> > Cc: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
> > Subject: Re: mod_tls
> >
> >
> > On Monday 27 August 2001 23:03, Doug MacEachern wrote:
> > > On Thu, 23 Aug 2001, Ryan Bloom wrote:
> > > > Because mod_ssl only implements the SSL wrapping for
> > HTTP. The idea is
> > > > that the filters go in mod_tls, and mod_ssl just has the
> > logic to make
> > > > the filters work for HTTP. That way, SSL can work with
> > POP3, NNTP, and
> > > > the proxy.
> > >
> > > i think mod_ssl should work with all protocols (it works
> > with nntp right
> > > now). mod_ssl provides features such as:
> > > CRLs
> > > session caching
> > > per-location renegotation
> > > SSLRequire
> > > logging
> > > var lookups
> > > and so on that are not http specific.
> > >
> > > there is a bit more effort to get a protocol module such as
> > nntp working
> > > both with and without ssl. for example with nntp when the
> > first client
> > > connects it does not send a request (like http clients do),
> > but awaits a
> > > 200 - ready response. to work with ssl, an nntp protocol
> > module needs to
> > > first call get_brigade to trigger the initial ssl
> > negotiation. but the
> > > same issue is there with mod_tls. personally, i don't
> > think its worth
> > > the effort to maintain both mod_tls and mod_ssl. effort
> > would be better
> > > spent modularizing mod_ssl to support other protocols if needed.
> >
> > Cool, if this works, then we should just ditch mod_tls.
> >
> > Ryan
> >
> > ______________________________________________________________
> > Ryan Bloom [EMAIL PROTECTED]
> > Covalent Technologies [EMAIL PROTECTED]
> > --------------------------------------------------------------
> >
>