Burton M. Strauss III wrote: >I think I'm correct (i.e. that it is a bug), but I'm not sure about your test... > >First off, I indicated that I've had the same results without zlib... It's a >https: issue, not zlib... > > k, that also proves the point.
>Secondly, how did you configure stunnel? That makes all the difference... > > All I wanted to do is prove that SSL itself as well as the browsers have got nothing to do with this bug (as claimed by Luca). Encapsulation the ntop connection with SSL without using ntop's SSL would not display the images according to Luca's claim (if it were browsers that are incapable of showing the images). > If you used an stunnel daemon on both client and server, then you're really >just testing tunneled http:. This should work - I have not had any problems >with http:. > > This is precisely what I did. I *am* testing tunneled http:, proving that SSL and the browsers are not at fault here and that the bug is in ntop's SSL. Maybe this was already clear to you, but not to me (and nor to Luca, since I haven't seen any other claim on the list of what the problem is). Quod Erat Demonstrandum. ;-) > If you used an stunnel daemon on the client, connecting to ntop's https: on >the server, then that's of interest because it eliminates any possible handling >differences http: vs. https: inside the browser. > > I have not tried the man in the middle setup you describe, because it don't think it would work with stunnel, since stunnel itself would have to encrypt its connection to the server. All it does is strip the SSL from the client connection as pass that through to the server. >-----Burton > -- Mike. _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop
