W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1997

Netscape Server security question...

From: Turner, Randy <rturner@sharplabs.com>
Date: Mon, 3 Nov 1997 13:23:44 -0800
Message-Id: <D10983CAC30DD111B41400805FA6A1C11213F2@admsrvnt02.enet.sharplabs.com>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com

Sorry to bother the list with this non-HTTP related question, but I was 
hoping to find major HTTP server implementers on the list that are using
SSL3 to secure documents. This is an SSL3-related question. The 
Internet Printing Protocol (IPP) working group is considering requiring
SSL3/TLS framing for negotiating security for internet printing. The
minimal level of security that is required is basically NULL security.
That is, to be compliant, a client or server must use TLS framing with
support for SSL3 compatibility, and the minimum level of security that
must be supported is NONE.

My question is if someone implements IPP as an ISAPI, NSAPI, or CGI
backend service, will the generic HTTP 1.1 server accept or allow 
negotiation down to NULL security (the way the TLS document
suggests...).


Thanks in advance!

Randy
(again, sorry for the slight misuse of the list. If there is a better
forum
or email list to which this question should be directed, please let me
know).


Randy Turner
Sharp Laboratories
rturner@sharplabs.com
Received on Monday, 3 November 1997 13:30:59 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:02 EDT