Re: Known server where per-URL client-auth is done?

Wed, 9 Dec 1998 11:15:19 -0500 

Ralf S. Engelschall wrote:
> 
> On Wed, Dec 09, 1998, Ben Laurie wrote:
> 
> > > Does anyone know an existing webserver on the net where SSL client
> > > authentication is requested on a per-URL basis?  And does anyone know the URL
> > > of such a server, so I can establish a test-connection to it?
> > >
> > > To better understand my question, here is the background:
> > >
> > > I've currently added support for per-directory/URL based SSL re-negotiation to
> > > mod_ssl (Apache), i.e. the user can configure a different cipher suite or
> > > change the client authentication type on a per-directory basis while mod_ssl
> > > implements this by forcing a re-negotiation of the SSL/TLS connection
> > > parameters _after_ the client has sent the HTTP request, but _before_ Apache
> > > sends the response.
> >
> > The current test version of Apache-SSL does this, but a) I guess it
> > won't help you much and b) I'm not sure if we're running it on the
> > server yet :-)
> 
> Oh, that's interesting, Ben. Although an Apache-SSL server doesn't help me for
> testing here (because it uses SSLeay as the SSL engine, too), I didn't know
> that you work in this area for Apache-SSL, too. Because I've never read any
> information about your recent development plans. Nevertheless the Apache-SSL
> users will appreciate it, so it's fine that you work on this, too.

It was the obvious next step after exporting client certs and cert
chains. The only reason I hadn't said anything yet is that I was
planning to announce it when it went up for testing, but we've been busy
with other things for the last week or two...

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org/
and Technical Director|Email: [EMAIL PROTECTED] |
A.L. Digital Ltd,     |Apache-SSL author     http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache/
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List               [EMAIL PROTECTED]
Automated List Manager                       [EMAIL PROTECTED]

Reply via email to