On 1/10/07, William A. Rowe, Jr. <[EMAIL PROTECTED]> wrote:
Jorge Schrauwen wrote: > Do note that not all users that will chose the SSL package will know how > to correctly fill in the fields. s/not all/a small minority of/
Do not underestimate user stupidity ;) ok maybe the number won't be overly to large but I can sure see the post flooding in on the Apache BB's! They can't figure out what Domain Name means, let's be serious :)
> On 1/10/07, *Issac Goldstand* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > I think the MSI should autogenerate a self-signed cert at least (last > thing we need is for people to deploy a static pre-distributed cert > which would make it that much easier to do man-in-the-middle attacks). I agree, static keys are only for pure localhost-style examples, just a bad idea for something this flexible. As far as a default selfsigned cert, I was thinking of using the server name they filled in already as it stands, and let them replace it with a worthwhile one. > Would be great if the MSI had a choice to use an existing cert, or > generate a new one with a user supplied DN (fill-in fields for CN, OU, O > , L, ST, C), and generated a self-signed cert with that + a .csr for > sending to a Trusted Third-Party for signing. > > Would also be great if there was some GUI for importing a signed cert > post-install, similar to the IIS wizard, but that's probably pushing it. Well, there are dozens of utilities out there that do that, I'm not compelled in the least to add it to the httpd package. Justin Erenkrantz wrote: > > I'd prefer to just point them at the instructions for generating their > own key rather than us distributing a 'fake' one. -- justin ./configure; make; make install We don't deposit a certificate today for Unix. After considering this a bit more, I agree with jerenkrantz.
True... if you don't enable mod_ssl by default and add a note in the conf file It should be rather safe to not include a cert. Pointing them to a docs or wiki guide/how to would be a good idea. At least, initially. I'd rather see something out the door, with all the
appropriate comments in the user community of the best way (in their opinion) to proceed. Then if we really believe the server install should do something to either help deposit a cert/key for their server, or a post-install command should be provided for this purpose, then we should ensure win and unix are offering the exact same facility. Does this sound sane?
Yes it does sound sane ;) -- ~Jorge
