Re: Netscape + ModSSL=Dead slow.

Thu, 31 May 2001 16:24:59 -0700 

On Thu, 31 May 2001, DAve Goodrich wrote:

> on 5/31/01 2:08 PM, David Rees at [EMAIL PROTECTED] wrote:
> 
> >> -----Original Message-----
> >> From: [EMAIL PROTECTED]
> >> [mailto:[EMAIL PROTECTED]]On Behalf Of DAve Goodrich
> >> 
> >> Maybe..  but the Netscape I'm testing works perfectly with Amazon, ebay,
> >> B&N, etc etc etc. I've tried with Win2k servers, Solaris, Stronghold, all
> >> work fine.
> >> 
> >> Anyone have a mod_ssl server I can try against? mod_ssl version number
> >> different and same as mine for comparison would be excellent.
> >> 
> >> Slackware 7.0
> >> Apache 1.2.13
> >> mod_ssl-2.6.6-1.3.12
> >> openssl-0.9.6
> > 
> > Any reason you're running an old version of Apache/mod_ssl and openssl?
> > 
> > -Dave
> Of course ;^)  Our web app is built around PHP+CPDF+GD+Openlink, to get
> everything to compile without errors I can't use bleeding edge releases. I'm
> running Apache 1.2.13 and PHP 4.0.0 because they are rock solid for me. CPDF
> and GD compile best against PHP 4.0.0, and Openlink compiles best against
> Slack 7.0 (actually, kernel 2.2.13).

Yet the security focus site has numerous vulnerabilities listed, some
quite recent for php up to and including 4.0.4, and some dating back at
least to the end of last year for 4.0.0 and earlier versions in particular.


I can understand and agree with not jumping on a "bleeding edge release",
at least not for the first day or two of release in some situations and
for certain release related updates, but, looking at the documentation for
-=why=-, the rational of the updated release certainly is a good point to
follow with a focus upon issues relating to security.  Especially on those
systems exposed to the internet in general.  


Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to