[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing
|
From: |
SciFi |
|
Subject: |
Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)) |
|
Date: |
Fri, 11 Nov 2011 22:35:44 +0000 (UTC) |
|
User-agent: |
Pan/0.135 (Tomorrow I'll Wake Up and Scald Myself with Tea; GIT b2069b3 (github.com/judgefudge/pan2/master); x86_64-apple-darwin10.8.0; gcc-4.2.1 (Apple build 5666 (dot 3)); 32-bit mode) |
Another thing…
On Fri, 11 Nov 2011 22:17:03 +0000, SciFi wrote:
>
> Hi,
>
> (I thought I would check the list while fixing supper
> and before laying down)
>
> On Fri, 11 Nov 2011 22:32:57 +0100, Heinrich Mueller wrote:
>>
>> Am 11.11.2011 21:03, schrieb SciFi:
>>>
>>> It might be that the pem file needs to match
>>> the "officially registered" names for the certs.
>>> And for Pan keep track of that gook, somehow. ;)
>>>
>>> (...)
>>>
>>> Does this make any sort of sense at all?
>>> (honestly asking)
>>>
>>>
>> Yes, my code as of yet reads the pem files and
>> matches them with the filename. Perhaps I'll just a map-based
>> approach with a file telling which certificate belongs to
>> which server and i just name them after the md5 checksum or
>> something.
>> That was just the simplest thing for me, because normally the
>> user doesn't rename his certificates as pan stores them automatically.
>> I think I'll implement an option in the servers.xml file.
>>
>> Cheers.
>
> Ah.
> So.
> I guess the thing to remember is something like this:
> Us mere mortals wouldn't normally need to worry about
> matching these things together properly. We would
> expect things to "just work" by the code doing
> whatever "magic" is required. ;)
>
> For us geeks trying to iron-out this present anomaly,
> I still cannot find what the "proper name" should be
> for the gn and gmane certs/pems.
>
> However, I suppose discovering the aw name was
> more of an "accident" it seems to work that way. ;)
>
> I then suppose the OpenSSL APIs will have something
> to offer for the app to keep-track of these certs?
> (Other software, that support SSL, seem to handle
> all this tracking automatically. The app only
> needs to know whether to use SSL-mode or not.)
>
> Thanks again.
Another thought:
I believe most apps that support SSL
will keep the cert(s) & details in RAM
for the duration of the session(s).
The app won't record anything SSL-related to disk
nor will the app "ask" to "accept" the cert.
That means there will be "handshaking"
once a session is (re)started
every time
yes every time.
This might also necessarily change the
encryption keys etc. for each session/thread
but I would think it'd be "safer" this way.
(sometimes a bit of good food
helps my noggin do some thinkin' <g>)
(but what do I really know about this stuff)
(I will probably go lay down now)
- Re: [Pan-devel] ANN: SSL Support, (continued)
- Re: [Pan-devel] ANN: SSL Support, Heinrich Müller, 2011/11/09
- [Pan-devel] at bb11b8e now: no crash, but still no cigar (Re: ANN: SSL Support), SciFi, 2011/11/09
- Re: [Pan-devel] at bb11b8e now: no crash, but still no cigar (Re: ANN: SSL Support), Heinrich Müller, 2011/11/10
- [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), SciFi, 2011/11/10
- Re: [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Duncan, 2011/11/11
- Re: [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/11
- Re: [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Heinrich Müller, 2011/11/11
- [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), SciFi, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), SciFi, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)),
SciFi <=
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/12
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/12
- [Pan-devel] at GIT 6ffb80b still the same here: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), SciFi, 2011/11/16
- Re: [Pan-devel] at GIT 6ffb80b still the same here: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Heinrich Müller, 2011/11/18
- [Pan-devel] at GIT 7e49a9b still the same here, plus some research I've done (seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), SciFi, 2011/11/18
- [Pan-devel] still at GIT 7e49a9b, still the same here, plus some MORE research I've done (seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), SciFi, 2011/11/21
- Re: [Pan-devel] still at GIT 7e49a9b, still the same here, plus some MORE research I've done (seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Duncan, 2011/11/22
- Re: [Pan-devel] still at GIT 7e49a9b, still the same here, plus some MORE research I've done (seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/22
- Re: [Pan-devel] still at GIT 7e49a9b, still the same here, plus some MORE research I've done (seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Duncan, 2011/11/22
- Re: [Pan-devel] still at GIT 7e49a9b, still the same here, plus some MORE research I've done (seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), SciFi, 2011/11/23