--------- Original Message --------- Subject: Re: ApacheCon Austin, httpd track
From: "Rich Bowen" <rbo...@rcbowen.com>
Date: 12/2/14 8:29 am
To: dev@httpd.apache.org


 On 12/01/2014 08:15 PM, Daniel Ruggeri wrote:
 > A side note on SSL/security: I had the idea a few years back that there
 > is probably enough content to do a "here is 5 minutes about how to
 > configure SSL in httpd" and then 50 minutes of other important security
 > topics (What Ciphers should I enable? Should I use SSLv3 any more? How
 > to treat my keys and what the hell is an HSM anyway? Passphrase
 > encrypted keys or not? Should I trust my distro's build?). Thoughts are
 > welcome on that topic... not sure if I'm overly paranoid or if these are
 > things that people actually want to hear?


 Given the focus on SSL in the last year, I think that a talk exactly 
 like that would be appreciated, and could even be a great talk to use to 
 market the track as a whole. I think a lot of people are waking up to 
 the fact that they have no idea what SSL/TLS actually is, and some 
 in-depth teaching on it seems like it would be welcome. 
  
Rich raises a great point - you could probably even propose a full half
day training, and spend a bit of time on configuring different ASF projects
(e.g. httpd, Tomcat) while aiming squarely at the state of SSL cryptography
itself.  I'm certain that class would get some nice registration numbers.

Reply via email to