Re: [dix] DRAFT: WAE BOF minutes
Richard Megginson <rmeggins@redhat.com> Thu, 20 July 2006 14:58 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G3ZyT-0006T7-P9; Thu, 20 Jul 2006 10:58:01 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G3ZyS-0006Rt-0a for dix@ietf.org; Thu, 20 Jul 2006 10:58:00 -0400
Received: from mx1.redhat.com ([66.187.233.31]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G3Zx6-0006jq-Jk for dix@ietf.org; Thu, 20 Jul 2006 10:56:38 -0400
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k6KEuavL013998 for <dix@ietf.org>; Thu, 20 Jul 2006 10:56:36 -0400
Received: from potter.sfbay.redhat.com (potter.sfbay.redhat.com [172.16.27.15]) by int-mx1.corp.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k6KEuZSi010696 for <dix@ietf.org>; Thu, 20 Jul 2006 10:56:35 -0400
Received: from [172.16.26.6] (vpn26-6.sfbay.redhat.com [172.16.26.6]) by potter.sfbay.redhat.com (8.12.8/8.12.8) with ESMTP id k6KEuXck029479 for <dix@ietf.org>; Thu, 20 Jul 2006 10:56:34 -0400
Message-ID: <44BF9A0B.7010403@redhat.com>
Date: Thu, 20 Jul 2006 08:58:19 -0600
From: Richard Megginson <rmeggins@redhat.com>
Organization: Directory & Security Products
User-Agent: Thunderbird 2.0a1 (X11/20060719)
MIME-Version: 1.0
To: Digital Identity Exchange <dix@ietf.org>
Subject: Re: [dix] DRAFT: WAE BOF minutes
References: <198A730C2044DE4A96749D13E167AD37BD6557@MOU1WNEXMB04.vcorp.ad.vrsn.com> <20060718194907.GW21538@binky.Central.Sun.COM> <86mzb67itl.fsf@raman.networkresonance.com> <44BD56D6.8030502@secure-endpoints.com> <86fygy7fdq.fsf@raman.networkresonance.com> <44BD5C25.4080002@secure-endpoints.com> <1b587cab0607190401x421492f2p19e3bb686e75777a@mail.google.com> <44BE3622.6090504@secure-endpoints.com> <1b587cab0607190658m66dacc79p7a75dcb8285a5270@mail.google.com>
In-Reply-To: <1b587cab0607190658m66dacc79p7a75dcb8285a5270@mail.google.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f49c97ce49302a02285a2d36a99eef8c
X-BeenThere: dix@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Digital Identity Exchange <dix@ietf.org>
List-Id: Digital Identity Exchange <dix.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dix>
List-Post: <mailto:dix@ietf.org>
List-Help: <mailto:dix-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1141216467=="
Errors-To: dix-bounces@ietf.org
Ben Laurie wrote: > On 7/19/06, Jeffrey Altman <jaltman@secure-endpoints.com> wrote: >> Ben Laurie wrote: >> > I'd note that most of the work of supporting these things has to be >> > done in OpenSSL, and unlike Apache, OpenSSL does not have a large >> > funded development community. >> > >> > Expecting volunteers to rush to implement every cute TLS feature is >> > asking a lot. The way to make this happen is to find money for OpenSSL >> > development. >> >> Ben: >> >> I am very well aware that compared to the applications that use OpenSSL, >> those working on OpenSSL find it next to impossible to obtain >> contributions to support their efforts. Individuals and small >> businesses are not going to write a check for OpenSSL (or an OpenSSL >> contributor) to develop this code. That's not how people think. >> >> Instead someone will write a check to Apache to implement support >> for said feature because they want it in their web server. The Apache >> folks will respond with (a) once OpenSSL gives it to us we will have >> it so don't worry about it; and (b) it won't do you any good anyway >> because the browsers, webdav clients, etc. don't implement it. >> >> We are therefore left with a serious catch-22. The only way that we >> can get functionality like this implemented is to first obtain agreement >> from the client and server vendors. Only then might it become >> reasonable to expect end users to step up with funding. > > Browsers seem to be implementing these features faster. I'm told SNI > is in most major browsers now, for example. > > What would help, actually, is keeping a league table of features and > where they're implemented, and thus making it obvious which ones have > to be done to make a feature useful. There is another crypto implementation for Apache - mod_nss - http://directory.fedora.redhat.com/wiki/Mod_nss mod_nss uses Mozilla NSS for crypto - http://www.mozilla.org/projects/security/pki/nss/ - which is the same crypto found in Firefox/Thunderbird. NSS is actively maintained and developed by Red Hat, Sun, and others in the Mozilla and open source community. > > Cheers, > > Ben. > >> >> Jeffrey Altman >> >> >> >> _______________________________________________ >> dix mailing list >> dix@ietf.org >> https://www1.ietf.org/mailman/listinfo/dix >> >> >> >> > > _______________________________________________ > dix mailing list > dix@ietf.org > https://www1.ietf.org/mailman/listinfo/dix
_______________________________________________ dix mailing list dix@ietf.org https://www1.ietf.org/mailman/listinfo/dix
- [dix] DRAFT: WAE BOF minutes Dick Hardt
- Re: [dix] DRAFT: WAE BOF minutes Eliot Lear
- Re: [dix] DRAFT: WAE BOF minutes Ben Laurie
- Re: [dix] DRAFT: WAE BOF minutes Nicolas Williams
- RE: [dix] DRAFT: WAE BOF minutes Hallam-Baker, Phillip
- [dix] the point of a standards process Joaquin Miller
- Re: [dix] DRAFT: WAE BOF minutes Nicolas Williams
- Re: [dix] DRAFT: WAE BOF minutes Eric Rescorla
- Re: [dix] DRAFT: WAE BOF minutes Nicolas Williams
- Re: [dix] DRAFT: WAE BOF minutes Jeffrey Altman
- Re: [dix] DRAFT: WAE BOF minutes Eric Rescorla
- Re: [dix] DRAFT: WAE BOF minutes Jeffrey Altman
- Re: [dix] DRAFT: WAE BOF minutes Dick Hardt
- Re: [dix] DRAFT: WAE BOF minutes Joe Orton
- Re: [dix] DRAFT: WAE BOF minutes Ben Laurie
- Re: [dix] DRAFT: WAE BOF minutes Ben Laurie
- Re: [dix] DRAFT: WAE BOF minutes Jeffrey Altman
- Re: [dix] DRAFT: WAE BOF minutes Ben Laurie
- Re: [dix] DRAFT: WAE BOF minutes Gavin Baumanis
- Re: [dix] DRAFT: WAE BOF minutes Richard Megginson
- [dix] WAE BOF minutes (Final cut) Pete Resnick
- Re: [dix] WAE BOF minutes (Final cut) Pete Resnick