Skip to Content.
Sympa Menu

cacert-sysadm - Re: SNI/TLS in debian? is it true? can it be? - CAcert.org Market Potential

cacert-sysadm AT lists.cacert.org

Subject: CAcert System Admins discussion list

List archive

Re: SNI/TLS in debian? is it true? can it be? - CAcert.org Market Potential


Chronological Thread 
  • From: Ian G <iang AT iang.org>
  • To: cacert-sysadm AT lists.cacert.org
  • Subject: Re: SNI/TLS in debian? is it true? can it be? - CAcert.org Market Potential
  • Date: Sat, 29 Aug 2009 15:18:47 +0200
On 29/08/2009 14:01, Andreas Bürki wrote:
Dear all

Iiiian put my nose onto the subject. I know, this mail list is not for
comm-heinis like me, BUT the chance is too good, to neglect.

Market potential: 1,000,000 linux servers ->  Big number of SysAdmins
would has to become CAcert.org Assurers. - If they are not willing to
pay for a commercial certificate.


Yup :)


CAcert.org SysAdmin / comma Roll-Out:

* Preliminary Work

     1st question:  is this true?
     2nd question:  where and how?  distro?  instructions?
     ->  Result of Fact Finding
     - IF TRUE / WORKS: "some distributions of Apache HTTPD [2] now ship
with TLS/SNI [3]." and "virtual hosting is possible with TLS" ->  comma
action is MUST
     - IF NOT: no comma action needed

ASSUMPTION: TRUE/WORKS

1 - Describing Facts, Conclusion and CAcert.org solution (statement) in
CAcert.org wiki, Technical Section: Well structured and as precise as
possible - Reason why: Apache and Debian have the reputation to be
serious, reliable, well structured and documented ->  Perception in the
audience.

2 - Defining comma special Campaign in CAcert.org wiki, comma Section:
Quick thoughts Weapons - CAcert Blog, CAcert mailing lists, direct
mails, articles in special interest magazines, ... more?

more here: http://wiki.cacert.org/wiki/comma/SpecialCampaigns/SNITLS


I filled that page with background snippets from the last few years... Might give you some insight as to why this is the only thing that was worth changing in SSL for the last 14 years (says I). Also lots of raw-word-material. Just add water.


Sorry to disturb you guys, but again, the potential is too good..... to
be true!?


Big question: Can someone take a standard distro of Apache, install it, and get it up and running? Can we run multiple SSL sites using it?

Daniel's question: does it work with client certs ... yes, that's v. important to CAcert. Well, maybe not all things in Rome are built to last one day :)



iang

Archive powered by MHonArc 2.6.16.

Top of Page