> -----Original Message----- > From: André Warnier [mailto:a...@ice-sa.com] > Sent: Tuesday, April 09, 2013 6:04 AM > To: Tomcat Users List > Subject: Re: Better SSL connector setup > > Christopher Schultz wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA256 > > > > Martin, > > > > On 4/8/13 8:25 PM, Martin Gainty wrote: > >> Identification of keys and supported ciphers are an important for > Key > >> Exchange But before that happensThe certificates attributes are the > >> only means the CA-Authority can verify the the name in the cert The > >> certificate attributes should contain 1)1 and only 1 Hostname to > >> contact 2)Identification information from a DN in LDAP or a suitably > >> unique Name Service Server (ADS)allowing verification of client to a > >> 'Name > >> Service'http://docs.oracle.com/cd/E19575-01/820- > 3885/gimog/index.html > >> > >> Allowing your cert to authenticate to n hosts invites 2n as many > >> potential DOS attacks Not requiring DN would negate the CA-Authority > >> ability to verify DN CN == SSL-Host. Think of online banking and > >> clients need to circumvent forged sites as 'The official bank site' > >> to send your money If you are FE with Apache you will want to > >> configure in mod-sslhttp://www.modssl.org/ > > > > Yes, you definitely want to make sure to download and install mod_ssl > > into your your Apache 1.3 install on your Windows NT 3.5 server. All > > of your Netscape clients will be able to access full 48-bit export > > encryption over a modern HTTP 0.9 connection. > > And don't forget to check that your RS-232 dial-up modem can handle the > increased baud-rate necessary for the SSL-encrypted data. >
You can improve the performance of the existing RS-232 modem pool by doing some ROT-13 and Fourier transforms prior to data encoding. However, this does require the equivalent capability on the receiving side. This e-mail and any attachments are intended only for the use of the addressee(s) named herein and may contain proprietary information. If you are not the intended recipient of this e-mail or believe that you received this email in error, please take immediate action to notify the sender of the apparent error by reply e-mail; permanently delete the e-mail and any attachments from your computer; and do not disseminate, distribute, use, or copy this message and any attachments.
