I wrote:

http://www.dillo.org/test/ssl_in_browser.diff

Fixed a couple of bugs, added a couple of features, new version up.

Jorge wrote:

Oh, as our mailsearch doesn't work anymore, is there and URL to the original thread (Gmane style) or something?

I'd like to remember what the main point of having SSL inside the browser were. I'm getting old. ;)

Looking briefly, I couldn't find relevant discussion. Possibly it was off list. My recollection is that, at the time, it had to do with seeing how SSL was becoming more and more central to browsing with things like 'HTTPS Everywhere' and 'HTTP Strict Transport Security' coming along and the issue of privacy gaining increasing public awareness. As for this effort now, I started just by wondering what it would look like if I integrated Benjamin's code and took out the windows stuff. It was working pretty well very quickly. And now I like how much more respectful of servers and resources Dillo can be when HTTPS is integrated with the http_max_conns queuing and http_persistent_conns. I think Johannes mentioned something about Dillo and Tor not working together so well with HTTPS in a dpi, but I don't know the details there.

I've got gmail going, using the ~/.dillo/certs certificate store. It took a bit of poking around, so I'm attaching my notes to myself in case they're useful for someone else. On 10/23/14, Johannes Hofmann <johannes.hofmann at gmx.de> wrote:

On Tue, Oct 21, 2014 at 04:42:24PM +0000, eocene wrote:

...

Jorge wrote:

...

Oh, as our mailsearch doesn't work anymore, is there and URL to the original thread (Gmane style) or something?

I'd like to remember what the main point of having SSL inside the browser were. I'm getting old. ;)

Looking briefly, I couldn't find relevant discussion. Possibly it was off list. My recollection is that, at the time, it had to do with seeing how SSL was becoming more and more central to browsing with things like 'HTTPS Everywhere' and 'HTTP Strict Transport Security' coming along and the issue of privacy gaining increasing public awareness.

As for this effort now, I started just by wondering what it would look like if I integrated Benjamin's code and took out the windows stuff. It was working pretty well very quickly. And now I like how much more respectful of servers and resources Dillo can be when HTTPS is integrated with the http_max_conns queuing and http_persistent_conns. I think Johannes mentioned something about Dillo and Tor not working together so well with HTTPS in a dpi, but I don't know the details there.

There is a potential loophole if you start dillo in a torified environment and dpid is running outside. Then https connections go via the non-torified https plugin. It's a small detail, but it happened to me. I'm mostly interested in getting SSL support from unmaintained experimental state to properly supported and maintained option.

Cheers, Johannes

_______________________________________________ Dillo-dev mailing list Dillo-dev at dillo.org http://lists.dillo.org/cgi-bin/mailman/listinfo/dillo-dev

Hi, On Tue, 21 Oct 2014 11:29:06 -0300 Jorge Arellano Cid <jcid at dillo.org> wrote:

Hi corvid,

On Mon, Oct 20, 2014 at 11:47:35PM +0000, eocene wrote:

...

I wrote:

...

http://www.dillo.org/test/ssl_in_browser.diff

Fixed a couple of bugs, added a couple of features, new version up.

Oh, as our mailsearch doesn't work anymore, is there and URL to the original thread (Gmane style) or something?

I'd like to remember what the main point of having SSL inside the browser were. I'm getting old. ;)

here is a list of subjects which contain https, maybe that helps a bit. 2003-June.txt:Subject: [Dillo-dev] HTTPS support 2003-March.txt:Subject: [Dillo-dev] https approaches? 2003-March.txt:Subject: [Dillo-dev] Re: https approaches? 2003-November.txt:Subject: [Dillo-dev] Re: https dpi 2003-November.txt:Subject: [Dillo-dev] HTTPS Patch 2003-November.txt:Subject: [Dillo-dev] tabs, https, ... 2003-November.txt:Subject: [Dillo-dev] Small bug with combined frames/tabs/https patch and gcc 2.9x 2003-November.txt:Subject: [Dillo-dev] Small bug with combined frames/tabs/https patch 2003-November.txt:Subject: [Dillo-dev] [PATCH] HTTPS version 2. 2003-October.txt:Subject: [Dillo-dev] HTTPS patch 2003-October.txt:Subject: [Dillo-dev] HTTPS Patch 2004-February.txt:Subject: [Dillo-dev] Re: https dpi 2004-January.txt:Subject: [Dillo-dev] Re: https dpi 2004-July.txt:Subject: [Dillo-dev]https 2004-July.txt:Subject: [Dillo-dev]HTTPS 2004-July.txt:Subject: [Dillo-dev]Re: HTTPS 2004-July.txt:Subject: [Dillo-dev]dpip dialog for https (and dpis in general) 2004-July.txt:Subject: [Dillo-dev]https patch 2004-July.txt:Subject: [Dillo-dev]dpip dialog for https (and dpis in general) 2004-July.txt:Subject: [Dillo-dev]More https goodness 2004-July.txt:Subject: [Dillo-dev]Replying to lists (was: dpip dialog for https (and dpis in general)) 2004-July.txt:Subject: [Dillo-dev]More https goodness 2004-July.txt:Subject: [Dillo-dev]HTTPS certificate support 2004-July.txt:Subject: [Dillo-dev]HTTPS Cleanup 2004-June.txt:Subject: [Dillo-dev]https (eg for posting to ps2 bulletin boards) 2004-March.txt:Subject: [Dillo-dev]Re: https hungs dillo up... 2004-May.txt:Subject: [Dillo-dev]https (eg for posting to ps2 bulletin boards) 2004-November.txt:Subject: [Dillo-dev]https by lynx -source 2004-September.txt:Subject: [Dillo-dev]https 2005-February.txt:Subject: [Dillo-dev]testing https plugin gave problems 2005-January.txt:Subject: [Dillo-dev]https, ssl & certificates 2005-July.txt:Subject: [Dillo-dev]cookies dpi over https and dpi framework 2005-June.txt:Subject: [Dillo-dev]cookies dpi over https and dpi framework 2007-October.txt:Subject: [Dillo-dev] https and OpenBSD 2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog 2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi 2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog 2008-April.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi 2008-March.txt:Subject: [Dillo-dev] https plugin status 2008-March.txt:Subject: [Dillo-dev] [PATCH]: send the https dpi plugin debug messages to the 2008-March.txt:Subject: [Dillo-dev] https plugin status 2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog 2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi 2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog 2008-March.txt:Subject: [Dillo-dev] https plugin status 2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi 2008-March.txt:Subject: [Dillo-dev] https plugin status 2008-March.txt:Subject: [Dillo-dev] [PATCH]: Fixing https step 1: Have a basic dpi dialog 2008-March.txt:Subject: [Dillo-dev] https plugin status 2008-November.txt:Subject: [PATCH] Update the GPL version in the OpenSSL exception clause in dpi/https.c 2008-November.txt:Subject: [Dillo-dev] A warning about HTTPS and proxies 2008-October.txt:Subject: [PATCH] https: Improve the plugin warnings when SSL is disabled. 2008-October.txt:Subject: [Dillo-dev] https error handling 2008-October.txt:Subject: [PATCH] Update the GPL version in the OpenSSL exception clause in dpi/https.c 2009-July.txt:Subject: [Dillo-dev] [patch] check for dpip_tag == NULL in https.c 2009-June.txt:Subject: patch: Re: [Dillo-dev] https through a proxy 2009-May.txt:Subject: [Dillo-dev] https through a proxy 2009-May.txt:Subject: patch: Re: [Dillo-dev] https through a proxy 2010-January.txt:Subject: [Dillo-dev] experimental patch: gnutls for the https dpi 2010-October.txt:Subject: [Dillo-dev] Https remote certificate cannot be verified 2011-December.txt:Subject: [Dillo-dev] IPv6 and HTTPS (Re: release candidate for dillo-3.0.2) 2011-December.txt:Subject: [Dillo-dev] IPv6 and HTTPS (Re: release candidate for 2012-October.txt:Subject: [Dillo-dev] https unpleasantness 2013-February.txt:Subject: [Dillo-dev] https related crash 2013-March.txt:Subject: [Dillo-dev] https related crash Greetings Andreas Kemnade