lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Re: Lynx, SSL, Hotmail

From: David Woolley
Subject: Re: lynx-dev Re: Lynx, SSL, Hotmail
Date: Sat, 17 Jul 1999 11:10:28 +0100 (BST) 
Please subscribe to address@hidden if you want to be able to see
the rest of this thread.

[ overlong lines re-wrapped to standards ]
> > Im using Lynx 2.8.2 for W95 and I have a little problem. Perhaps you
> > can help me.  I am trying to find some way to login to www.hotmail.com
> > and read my mail through lynx.  This requires SSL it seems. I thought I
> > solved this by installing a proxy server that supports SSL.  But it seems
> > that Lynx hangs when it should send/reads some http CONNECT message.

No it requires either building a version of Lynx patched to use 
SSLeay (possibly openssl), plus in the USA, RSAREF, or the use of
an SSL converting proxy.  (The former solution is only legal for
non-commercial use and the resulting binaries may not be re-distributed,
so you must compile them yourself.  Both solutions are probably in
breach of the terms of service of the web sites.)

Conventional (e.q. squid and CERN) proxy support for SSL is for getting
the protocol through a firewall, and consists of tunnelling the SSL 
protocol through the proxy, essentially unchanged; the client sends

CONNECT secure-site:423   (or whatever is the port number)

the proxy responds with a connected message, then everything else is
sent transparently in both directions.  The browser is still responsible
for the encryption.

There are some freeware converting proxies, and I believe links to the
exist on the Lynx site; they haven't been mentioned much recently, so
may not have been maintained, and they probably require a Unix-like
operating system, but I haven't checked.  All free encryption software
from US sources has problems in preventing foreign access to the home
site, and foreign sourced binaries are likely to be pirate software
in the USA because they won't contain licensed implementation of the
patented algorithms.  No free converting proxies may be used commercially
in the USA.

It is very unlikey that there would be commercial converting proxies,
as such proxies are essentially insecure and it is very unlikely that
the RSA patent owners would license their software for such use, or that
content providers would permit such use (if they were to find out).
reply via email to
[Prev in Thread] Current Thread [Next in Thread]