Neo Sze Wee <[EMAIL PROTECTED]> writes:
> On Wed, Sep 18, 2002 at 08:42:08PM +0100, Andrew M. Bishop wrote:
> > Martin Baehr <[EMAIL PROTECTED]> writes:
> > >
> > > remove
> > > ssl-allow-port = (integer)
> > > https should be allowed on any port, just like http.
> > > many servers i work with use alternative ports for webserver configuration,
> > > it is a pain having to add each port into the config manually.
> >
> > This is really a security feature for system aministrators. Allowing
> > HTTPS tunneling to any port will mean that people can bypass WWWOFFLE
>
> How do you actuall use the above feature of wwwoffle? Do you have to
> install other programs? I am think of using wwwoffle to access my Yahoo
> mail account which uses https and ssl.
The https tunneling feature of WWWOFFLE is only available when you are
online because it uses authentication and encryption. Your browser
will only talk to yahoo.com using SSL if the certificate that the
server has can be verified. If it cannot be verified then the browser
should alert the user.
When you are offline it is not possible to pretend to be yahoo.com
and not confuse the browser.
--
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop [EMAIL PROTECTED]
http://www.gedanken.demon.co.uk/
WWWOFFLE users page:
http://www.gedanken.demon.co.uk/wwwoffle/version-2.7/user.html
