What to do about SSL strength
Nicolas Goutte
nicolasg at snafu.de
Wed Mar 8 17:20:24 GMT 2006
On Wednesday 08 March 2006 15:57, Thiago Macieira wrote:
> Nicolas Goutte wrote:
> >Could it be done optionally site-by-site like for Java or for
> > JavaScript?
> >
> >So basically it would mean that KDE does not use 128 bit or less SSL but
> > that a user can tell KDE: "this site is too stupid but I really need
> > it, so use 128 bits SSL for this site".
>
> We're talking about libkio (kio/kssl) here, not Konqueror or even
> kio_http.
>
> This is actually like the "broken DNS server" list: we have to work around
> bugs in other people's sites in very low level stuff in our libraries.
>
> And like the "broken DNS server" list, this should be something we ship,
> not something users configure. They'll always think it's Konqueror at
> fault, not the website they're trying to use and will never look for a
> solution in the configuration.
That is unfortunate that the difference cannot be made.
Broken DNS servers are broken for every DNS lookup and indeed that is a
low-level problem (especially as it can hit many KIO slaves: ftp, http, fish,
sftp, smtp, imap, pop3...)
A failed SSL link is however visible only at higher levels, mainly if KHTML is
used.
Have a nice day!
More information about the kde-core-devel
mailing list