Re: [xml] SSL/TLS support
- From: Aleksey Sanin <aleksey aleksey com>
- To: Igor Zlatkovic <igor stud fh-frankfurt de>
- Cc: xml gnome org
- Subject: Re: [xml] SSL/TLS support
- Date: Mon, 20 May 2002 09:25:46 -0700
Well, w/o random generator seed you'll not be able to generate session keys
for SSL and by this you'll not be able to start the connection. In the
same time,
w/o trusted certificates initialized, your client will not be able to
verify the
certificate that server sends to you and by this the handshake fails
(and the connection
is failed). These are not security measures but steps to establish the
connection.
Aleksey.
Igor Zlatkovic wrote:
Hi Alexey,
those points are correct, that is true. In this stage, my intention was
simply to fetch documents through a SSL channel, not to improve the
transport security in any way. Therefore, I didn't care about initialising
the random generator, nor did I pay attention to the validity or revocation
of the server's certificate. Those things would come later, if SSL comes
into libxml at all.
Ciao
Igor
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]