Discussion:
SSL in the browser
eocene
2014-10-13 22:10:46 UTC
Permalink
My code for SSL in the browser hasn't been giving me any problems in
recent days, so it would be nice to give it some wider use.

http://www.dillo.org/test/ssl_in_browser.diff
eocene
2014-10-14 18:29:05 UTC
Permalink
Post by eocene
My code for SSL in the browser hasn't been giving me any problems in
recent days, so it would be nice to give it some wider use.
http://www.dillo.org/test/ssl_in_browser.diff
Found a bug :(
Fixed it :)
New version up.
eocene
2014-10-20 23:47:35 UTC
Permalink
Post by eocene
http://www.dillo.org/test/ssl_in_browser.diff
Fixed a couple of bugs, added a couple of features, new version up.
Jorge Arellano Cid
2014-10-21 14:29:06 UTC
Permalink
Hi corvid,
Post by eocene
Post by eocene
http://www.dillo.org/test/ssl_in_browser.diff
Fixed a couple of bugs, added a couple of features, new version up.
Oh, as our mailsearch doesn't work anymore, is there
and URL to the original thread (Gmane style) or something?

I'd like to remember what the main point of having SSL inside
the browser were. I'm getting old. ;)
--
Cheers
Jorge.-
eocene
2014-10-21 16:42:24 UTC
Permalink
Post by Jorge Arellano Cid
Oh, as our mailsearch doesn't work anymore, is there
and URL to the original thread (Gmane style) or something?
I'd like to remember what the main point of having SSL inside
the browser were. I'm getting old. ;)
Looking briefly, I couldn't find relevant discussion. Possibly it
was off list. My recollection is that, at the time, it had to do with
seeing how SSL was becoming more and more central to browsing with
things like 'HTTPS Everywhere' and 'HTTP Strict Transport Security'
coming along and the issue of privacy gaining increasing public
awareness.

As for this effort now, I started just by wondering what it would
look like if I integrated Benjamin's code and took out the windows
stuff. It was working pretty well very quickly. And now I like how
much more respectful of servers and resources Dillo can be when
HTTPS is integrated with the http_max_conns queuing and
http_persistent_conns. I think Johannes mentioned something about
Dillo and Tor not working together so well with HTTPS in a dpi,
but I don't know the details there.
Johannes Hofmann
2014-10-23 10:00:59 UTC
Permalink
Post by eocene
Post by Jorge Arellano Cid
Oh, as our mailsearch doesn't work anymore, is there
and URL to the original thread (Gmane style) or something?
I'd like to remember what the main point of having SSL inside
the browser were. I'm getting old. ;)
Looking briefly, I couldn't find relevant discussion. Possibly it
was off list. My recollection is that, at the time, it had to do with
seeing how SSL was becoming more and more central to browsing with
things like 'HTTPS Everywhere' and 'HTTP Strict Transport Security'
coming along and the issue of privacy gaining increasing public
awareness.
As for this effort now, I started just by wondering what it would
look like if I integrated Benjamin's code and took out the windows
stuff. It was working pretty well very quickly. And now I like how
much more respectful of servers and resources Dillo can be when
HTTPS is integrated with the http_max_conns queuing and
http_persistent_conns. I think Johannes mentioned something about
Dillo and Tor not working together so well with HTTPS in a dpi,
but I don't know the details there.
There is a potential loophole if you start dillo in a torified
environment and dpid is running outside. Then https connections go
via the non-torified https plugin. It's a small detail, but it
happened to me.
I'm mostly interested in getting SSL support from unmaintained
experimental state to properly supported and maintained option.

Cheers,
Johannes

Andreas Kemnade
2014-10-21 16:59:44 UTC
Permalink
Hi,

On Tue, 21 Oct 2014 11:29:06 -0300
Post by Jorge Arellano Cid
Hi corvid,
Post by eocene
Post by eocene
http://www.dillo.org/test/ssl_in_browser.diff
Fixed a couple of bugs, added a couple of features, new version up.
Oh, as our mailsearch doesn't work anymore, is there
and URL to the original thread (Gmane style) or something?
I'd like to remember what the main point of having SSL inside
the browser were. I'm getting old. ;)
here is a list of subjects which contain https, maybe that helps a bit.

2003-June.txt:Subject: [Dillo-dev] HTTPS support
2003-March.txt:Subject: [Dillo-dev] https approaches?
2003-March.txt:Subject: [Dillo-dev] Re: https approaches?
2003-November.txt:Subject: [Dillo-dev] Re: https dpi
2003-November.txt:Subject: [Dillo-dev] HTTPS Patch
2003-November.txt:Subject: [Dillo-dev] tabs, https, ...
2003-November.txt:Subject: [Dillo-dev] Small bug with combined frames/tabs/https patch and gcc 2.9x
2003-November.txt:Subject: [Dillo-dev] Small bug with combined frames/tabs/https patch
2003-November.txt:Subject: [Dillo-dev] [PATCH] HTTPS version 2.
2003-October.txt:Subject: [Dillo-dev] HTTPS patch
2003-October.txt:Subject: [Dillo-dev] HTTPS Patch
2004-February.txt:Subject: [Dillo-dev] Re: https dpi
2004-January.txt:Subject: [Dillo-dev] Re: https dpi
2004-July.txt:Subject: [Dillo-dev]https
2004-July.txt:Subject: [Dillo-dev]HTTPS
2004-July.txt:Subject: [Dillo-dev]Re: HTTPS
2004-July.txt:Subject: [Dillo-dev]dpip dialog for https (and dpis in general)
2004-July.txt:Subject: [Dillo-dev]https patch
2004-July.txt:Subject: [Dillo-dev]dpip dialog for https (and dpis in general)
2004-July.txt:Subject: [Dillo-dev]More https goodness
2004-July.txt:Subject: [Dillo-dev]Replying to lists (was: dpip dialog for https (and dpis in general))
2004-July.txt:Subject: [Dillo-dev]More https goodness
2004-July.txt:Subject: [Dillo-dev]HTTPS certificate support
2004-July.txt:Subject: [Dillo-dev]HTTPS Cleanup
2004-June.txt:Subject: [Dillo-dev]https (eg for posting to ps2 bulletin boards)
2004-March.txt:Subject: [Dillo-dev]Re: https hungs dillo up...
2004-May.txt:Subject: [Dillo-dev]https (eg for posting to ps2 bulletin boards)
2004-November.txt:Subject: [Dillo-dev]https by lynx -source
2004-September.txt:Subject: [Dillo-dev]https
2005-February.txt:Subject: [Dillo-dev]testing https plugin gave problems
2005-January.txt:Subject: [Dillo-dev]https, ssl & certificates
2005-July.txt:Subject: [Dillo-dev]cookies dpi over https and dpi framework
2005-June.txt:Subject: [Dillo-dev]cookies dpi over https and dpi framework
2007-October.txt:Subject: [Dillo-dev] https and OpenBSD
2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog
2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi
2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog
2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi
2008-March.txt:Subject: [Dillo-dev] https plugin status
2008-March.txt:Subject: [Dillo-dev] [PATCH]: send the https dpi plugin debug messages to the
2008-March.txt:Subject: [Dillo-dev] https plugin status
2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog
2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi
2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog
2008-March.txt:Subject: [Dillo-dev] https plugin status
2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi
2008-March.txt:Subject: [Dillo-dev] https plugin status
2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have
a basic dpi dialog
2008-March.txt:Subject: [Dillo-dev] https plugin status
2008-November.txt:Subject: [PATCH] Update the GPL version in the OpenSSL exception clause in dpi/https.c
2008-November.txt:Subject: [Dillo-dev] A warning about HTTPS and proxies
2008-October.txt:Subject: [PATCH] https: Improve the plugin warnings when SSL is disabled.
2008-October.txt:Subject: [Dillo-dev] https error handling
2008-October.txt:Subject: [PATCH] Update the GPL version in the OpenSSL exception clause in dpi/https.c
2009-July.txt:Subject: [Dillo-dev] [patch] check for dpip_tag == NULL in https.c
2009-June.txt:Subject: patch: Re: [Dillo-dev] https through a proxy
2009-May.txt:Subject: [Dillo-dev] https through a proxy
2009-May.txt:Subject: patch: Re: [Dillo-dev] https through a proxy
2010-January.txt:Subject: [Dillo-dev] experimental patch: gnutls for the https dpi
2010-October.txt:Subject: [Dillo-dev] Https remote certificate cannot be verified
2011-December.txt:Subject: [Dillo-dev] IPv6 and HTTPS (Re: release candidate for dillo-3.0.2)
2011-December.txt:Subject: [Dillo-dev] IPv6 and HTTPS (Re: release candidate for
2012-October.txt:Subject: [Dillo-dev] https unpleasantness
2013-February.txt:Subject: [Dillo-dev] https related crash
2013-March.txt:Subject: [Dillo-dev] https related crash

Greetings
Andreas Kemnade
Loading...