W3C home > Mailing lists > Public > public-xg-webid@w3.org > October 2011

TLS session renegotiation in java

From: Henry Story <henry.story@bblfish.net>
Date: Mon, 10 Oct 2011 10:00:54 +0200
Message-Id: <F089CBF3-3CC0-45FA-8871-3548763684D0@bblfish.net>
Cc: Jérôme Louvel <jerome.louvel@noelios.com>
To: WebID XG <public-xg-webid@w3.org>
Hi,

   just a note that I put together a mini server in the git repository 

   https://github.com/bblfish/TLS_test

   that tests TLS session renegotiation, to see how browsers react to that.
I wanted to see:

  - if when renegotiating browsers ask their users for a new certificate (they don't seem to - so this may be a bug in my code , the server, or a bug in the browsers)
  - to see how this can be done in java
  - to improve html users login experience, so that when they reach a site they don't get asked immediately for a certificate but only once they have been able to look around a bit
  - which browsers support the TLS rengotiation fix

   The code requires the http://www.restlet.org/ server, the latest development branch of which can be found here

 http://restlet.tigris.org/svn/restlet/trunk

 ( there are only two modules there that need to be compiled as specified in the pom of the session_renegotiation project )

Henry

Social Web Architect
http://bblfish.net/
Received on Monday, 10 October 2011 08:01:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:47 UTC