Re: inheriting website responsibility--no paddles goin' up river

Subject: Re: inheriting website responsibility--no paddles goin' up river
From: Sandy Harris <sharris -at- dkl -dot- com>
To: TECHWR-L <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Mon, 20 Sep 1999 12:25:57 -0400

horowit -at- en -dot- com wrote:
>
> My department has just inherited the web duties ...

> I have a million questions from ... to ways to obtain security for
> this page.

The main protocols used to implement secure web pages are SSL
(Secure Sockets Layer) and TLS (Transport Level Security) which
is either a renaming or a descendant of SSL; I'm not sure which.

Netscape were key players in SSL development. Their servers and most
others should support it.

A widespread free SSL implementation was SSLeay (eay = Eric A Young),
which has become an Open SSL project:

http://www.openssl.org/

The Apache open source web server has hooks to use Open SSL:

http://www.apache.org/related_projects.html#modssl

Some related info, in docs I've written since that's where I can find
it easiest:

Crypto and security links:
http://www.xs4all.nl/~freeswan/freeswan_trees/freeswan-1.00/doc/WWWref.html#security

Beware of crippled security, 40-bit or 64-bit. If at all possible,
set your server up to insist on 128 for any user that can do that.
For detail on this, see:
http://www.xs4all.nl/~freeswan/freeswan_trees/freeswan-1.00/doc/DES.html




Previous by Author: Re: Terminology nitpicking (was: Positive feedback...)
Next by Author: Re: Sun/StarDivision StarOffice software suite
Previous by Thread: inheriting website responsibility--no paddles goin' up river
Next by Thread: custom page size quirk in Word 97


What this post helpful? Share it with friends and colleagues:

Sponsored Ads


Sponsored Ads