On Mon, 2007-02-05 at 17:50 +0100, Roland Weber wrote: > Hi Julius, > > > Mind you, upgrading (or maybe "switching" is a better word) to > > httpclient-4.0 should only affect the client code. This change can > > require people to fix their client, their server, and their DNS, and > > this issue might not showup for people until they hit their production > > environments. I imagine it will be a little stressful! > > Thanks for bringing it to our attention. We will remember it by the > time we're writing an SSL guide for 4.0. And if it hits them only > in production, their integration and staging environments aren't > good enough ;-) > > > I agree with Roland and Michael that it is best if people not use them > > at all. But I see so many people just blindly using "easy" on the > > "httpclient-user" mailing list, I thought maybe > > "https-completely-insecure://" would scare them off. > > We'll be addressing that in the SSL 4.0 guide, too. And I'll see to > it that the "EasySSLProtocolSocketFactory" changes it's name not only > after the "SSL" part :-) >
Folks, I think there should no longer be any contrib SSL stuff in HttpClient 4.0, easy or otherwise. The users should simply get directed to Commons SSL / SSLUtils / whatever Julius, Where did the process get stuck again? Oleg > > (I wonder if those schemes would have helped the public PKI situation > > had they been part of the standards. Probably not.) > > Hardly. The point of PKI is to establish a chain of trust. > You can't do that by removing the trust. > > cheers, > Roland > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
