On Tue, Oct 21, 2014 at 04:42:24PM +0000, eocene wrote:
Jorge wrote:
Oh, as our mailsearch doesn't work anymore, is there and URL to the original thread (Gmane style) or something?
I'd like to remember what the main point of having SSL inside the browser were. I'm getting old. ;)
Looking briefly, I couldn't find relevant discussion. Possibly it was off list. My recollection is that, at the time, it had to do with seeing how SSL was becoming more and more central to browsing with things like 'HTTPS Everywhere' and 'HTTP Strict Transport Security' coming along and the issue of privacy gaining increasing public awareness.
As for this effort now, I started just by wondering what it would look like if I integrated Benjamin's code and took out the windows stuff. It was working pretty well very quickly. And now I like how much more respectful of servers and resources Dillo can be when HTTPS is integrated with the http_max_conns queuing and http_persistent_conns. I think Johannes mentioned something about Dillo and Tor not working together so well with HTTPS in a dpi, but I don't know the details there.
There is a potential loophole if you start dillo in a torified environment and dpid is running outside. Then https connections go via the non-torified https plugin. It's a small detail, but it happened to me. I'm mostly interested in getting SSL support from unmaintained experimental state to properly supported and maintained option. Cheers, Johannes