On Mon, 11 Feb 2002, Mathieu Arnold wrote:
> "Ralf S. Engelschall" wrote:
> >
> > In article <[EMAIL PROTECTED]> you wrote:
> >
> > > I was wondering if it may be possible to configure modssl to do crypto
> > > with no certificate.
> >
> > No.
>
> too bad
>
> > > I know that it should be possible because certificates are just a way to
> > > authenticate the server, not to establish the crypto.
> >
> > No, the server certificate is also important and required for the secure
> > exchange of the crytography parameters of SSL/TLS. Without this, the
> > client and server would not be able to securely exchange the necessary
> > symmetric encryption parameters.
>
> well, that's right, but, if I don't really care about that much security
> and would just like some crippled http to get rid of young kiddies ?
>
>
<chuckle> Well ya could always banner-up:
Warning, no one underage allowed!
<rofl>
Thanks,
Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
