From: <[EMAIL PROTECTED]>
Sent: Wednesday, April 25, 2001 10:34 AM
> On Wed, 25 Apr 2001, Martin Kraemer wrote:
>
> >
> > If there is no one who actually cares for the mod_tls baby, I propose to
> > delete it entirely and replace it by a REAL solution, based on Ralf's
> > mod_ssl. The current "implemetation" of mod_tls is a a PITA, nothing
> > more than an (abandoned) proof-of-concept IMHO. As it stands, no ISP
> > would even consider to switch to httpd-2.0+mod_tls from apache_1.3.x+mod_ssl.
> >
> > Sorry to be so honest about it, Ben, but that's how I see it.
>
> I honestly believe that mod_tls is a better solution than the 1.3 version
> of mod_ssl. I agree that this module has been abandoned, but I would
> prefer to look at why instead of just leaving it abandoned. It is on my
> list to fix the build problems on mod_tls, I just need a few hours to look
> at it.
>
> I agree that mod_tls isn't an advanced module, but it is a way to remove
> some of the politics from the SSL modules in Apache.
More to the point...
mod_rewrite was a nightmare. mod_proxy was a nightmare. mod_include still
remains a nightmare (try throwing bad tags and watch a response of nothing,
including headers, come back.) Very complex blocks of code are unavoidabily
prone to issues.
mod_tls is actually very effective if _all_ you attempt to do is secure the
channel. This is possibly all you want on your palmpilot running apache ;->
We obviously agree we want more functionality, but it's not necessarily a
bad idea to build upon a lightweight flavour. mod_ssl is terrific feature
wise, and I'd love to grow in that direction, but KISS is the difference
between having more mod_rewrite/proxy/include style nightmares.
Bill
