In article <[EMAIL PROTECTED]> you wrote:
> I'm trying to wrap up the CGI/1.1 specification for RFC submission,
> and one of the pieces I'd like to fill in before that happens
> is the changes that apply when a CGI script is run as a result
> of an SSL request.
> What are the canonical (server-independent) changes to the
> environment? What additional metavariables are set up in
> the script's environment?
The problem is that there are two classes of variables: Historical ones and
cleaned-up ones, at least in mod_ssl. For the cleaned-up ones in mod_ssl read
http://www.engelschall.com/sw/mod_ssl/docs/2.1/ssl_reference.html#table3 and
http://www.engelschall.com/sw/mod_ssl/docs/2.1/ssl_reference.html#table4 . For
the historical ones read for instance:
http://www.engelschall.com/sw/mod_ssl/docs/2.1/ssl_compat.html#table2 . Because
your CGI/1.1 RFC should provide a new base to avoid more diversions, it sounds
reasonable that you make your CGI/1.1 SSL variables a reasonable compromise
between the historical ones and cleaned-up ones. Let you be inspired by the
cleaned up ones. For mod_ssl I was able to solve the problem easily
by providing a variable mapping. For such an RFC your task is more
complicated to choose the best variable names, of course.
One more hint: I think it's not reasonable to define all those existing SSL_xx
variables in the CGI/1.1 spec. Instead I think only the essential ones should
be defined, i.e. those which identify a HTTPS request, deal with the
Subject-DN and show details about the used bits of the cipher. Because these
are usually the variables CGI's deal with. Anything else is more or less a
goodie and not really essential IMHO.
Greetings,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
