On Wed, Apr 04, 2012 at 06:20:48PM -0500, Daniel Ruggeri wrote: > I have reviewed these docs, Rich, and have some notes to provide. I'd > like if other folks would have a look, too, so we can maybe get things > in good shape sooner rather than later. I'm ready to move on a few > things but would like to get consensus on two things below... > > http://httpd.apache.org/docs/trunk/ssl/ssl_howto.html - The examples are > still valid in today's world. I'm not sure if this particular doc is the > place.... but having SSL proxy examples would also be helpful since all > of those directives actually come from mod_ssl (and there are pointers > in the proxy doco to mod_ssl). Thoughts?
I think this would be a good place for a proxy example. Looking for 2 seconds, I think the logging section could do with some more work. > > http://httpd.apache.org/docs/trunk/ssl/ssl_intro.html - No rubbish here. > I think this document is outstanding. > +1 > http://httpd.apache.org/docs/trunk/ssl/ssl_compat.html - This document > may no longer be relevant. There have been so many changes since > creation that I think this doc could be scrapped or repurposed to > discuss integration issues only. Some examples would include notes about > older browsers and supported levels of crypto, the emergence of TLS1.1, > SNI and compatible browsers, OCSP, etc. I'm willing to take a whack at > it and will write a bug to make myself do it in the coming days if the > list agrees. What's there now is ancient and could be dropped. > > http://httpd.apache.org/docs/trunk/ssl/ssl_faq.html - Could use a > general refreshing... most of the content isn't bad, but it could stand > to be reorganized. Does anyone else kind of feel like this kind of > document would be better served as a wiki article? > Given the complexity of SSL in general, I prefer we keep the faq where it is rather than abandon it on the wiki. But +1 to a cleanup. > > > By the way, great job on these docs. SSL is a tough topic and I think > there is more than enough content here to get someone going and keep > them going for a while. It reads like an expert wrote it for fledgeling > server admin and I'm not sure I agree with a lot of the assertions made > about the content recently. > Agreed 100%. Most of the credit goes to Ralf S Engelschall who wrote mod_ssl and most of the docs in question. Little has happened to them since then. I think some of the assertions come from people who don't appreciate his style of writing - much of his original mod_rewrite documentation got butchered on a similar background. vh Mads Toftum -- http://soulfood.dk --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org
