Re: Browser Support for TLS/HTTP Upgrade?

[Richard Levitte - VMS Whacker]

From: Eric Rescorla <[EMAIL PROTECTED]>

ekr> Not as far as I know. It was never really expected that this
ekr> technique would replace HTTPs for web pages, only for other
ekr> HTTP/TLS uses.  (Though frankly I doubt that as well.)

Uhmm, what exactly is the functional difference between HTTPS and
HTTP/TLS?  For me, they describe the function "running HTTP through a
SSL or TLS encryption tunnel"...

I think the matter is of deployment and laziness to some level.  After
all, RFC2817 isn't even a year old, and it does take time before an
RFC generates some real stuff (look at RFC2560 which is a year and a
half old, it took time before there were OCSP-aware products)...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken   \ S-168 35  BROMMA  \ T: +46-8-26 52 47
Redakteur@Stacken   \      SWEDEN       \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]