[foaf-protocols] foaf.me with https, vs http

Peter Williams home_pw at msn.com
Thu Jan 21 04:50:48 CET 2010


So the task mentioned is a project Ill address over the next 2 weeks. It
turns out that "Silverlight" controls have a nice good ol' BSD style socket
interface (so you can avoid whatever it is that things like the Mozilla
layer entities in its browser communication stack do (or don't do). And, the
java ssl class from GNU are included in the semweb library (for .NET). So, I
don't know if it will work, but the goal is to see what (if any) of my own
client side SSL I can get working. It's time to move into ssl src, I think-
and leave behind the sandboxes of the platforms.

Ive more or less worked through my list of work items from about 4 weeks
ago. Only 2 projects were a complete failure: I failed to host a modern
windows restful service  with resestul web bindings in the asp.net runtime I
load behind the foaf+ssl listener (though I can run it them from _within_
the listener's part of the process). And I could not implement my own server
side handlers for digest auth (due to some security controls that  prevent
one from writing certain headers, in the obvious way - even though the same
code works when hosted in IIS!).

 

 

 

 

 

One interesting experiment is to have the client induce server-side
destruction of transport session .by doing a TCP close on WITHOUT first
doing a SSL close. For conforming servers, this forces  the server to cease
further use of that transport session (ssl3 sessionid) on ALL outstanding
connections, including those connections derived from the pre-master secret
tied to the SSL3 sessionid.


Good luck
 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20100120/b05ddbf5/attachment.htm 


More information about the foaf-protocols mailing list