Andreas Metzler dixit: >what do you refer to with "nonGNUtls build"?
Precisely these, ever since https://lwn.net/Articles/529558/ and the ensuing fight in the GNU project. It’s not “GNU” TLS any more. David Woolley dixit: > Actually I consider certificates that authenticate anything except the > specific web site to be a security liability in themselves. Whilst I'd Right, use IPv6 to differentiate those instead. > that sending the login details is a bug in Lynx, and not in the SNI Yes, but one that can easily happen by accident. SNI sends things in plaintext, which is the worse bug. > I'd also suspect that the sorts of sites people might not want to be > associated with are either clustered on the same physical server, or Right, use IPv6 to differentiate those instead. All other vhost scenarios can be handled with wildcard and/or multi-subjectAltName certificates. bye, //mirabilos -- Gestern Nacht ist mein IRC-Netzwerk explodiert. Ich hatte nicht damit gerechnet, darum bin ich blutverschmiert… wer konnte ahnen, daß SIE so reagier’n… gestern Nacht ist mein IRC-Netzwerk explodiert~~~ (as of 2021-06-15 The MirOS Project temporarily reconvenes on OFTC) _______________________________________________ Lynx-dev mailing list Lynx-dev@nongnu.org https://lists.nongnu.org/mailman/listinfo/lynx-dev
