On Mar 8, 2009, at 3:13 AM, Kiss Gabor (Bitman) wrote:
On Sat, 7 Mar 2009, Daniel Kahn Gillmor wrote:
On 03/07/2009 03:03 PM, Joseph Oreste Bruni wrote:
On Mar 7, 2009, at 8:11 AM, Gab wrote:
I wish to in https ssl the sks web interface .
What are the directives for cert.pem and key.pem and to enable
ssl ?
I don't believe that the built-in web server supports SSL.
However, you
could front-end SKS with Apache configured as a proxy.
We chose to listen on port 443 so people could browse to it with
https://zimmermann.mayfirst.org/ (the X.509 certificate offered
here is
signed by a private certificate authority [0], which i have also
signed, if you care to certify it)
Folks,
I wonder what is the advantage of SSL in case of key servers?
The information transferred is not secret therefore no need of
encryption.
This is true, but that does not mean it isn't private. Without SSL,
someone could sniff on the wire and find out what key you were
requesting.
(There are other reasons, but simple privacy is a good one)
David
_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/sks-devel