Future of KSSL

Jernej Kos kostko at jweb-network.net
Fri Nov 17 19:05:49 GMT 2006

>      This is not the right place to debate how to implement SSL, but
> you must know that SSL is as much about the policy decisions as it is
> about the cipher.  Simply dropping a scramble over the wire without
> having proper certificate validation is good for fooling only most
> primitive of those who might want to observe traffic.  It gains
> almost nothing in terms of security.

No doubt about it, but currently there is no alternative - KSSL does not work 
properly and the users need basic SSL support in version 0.8.0.

After this release and after porting to KDE4/Qt4 security concerns can be 
addressed (in KDE4 KSSL will hopefully be fixed so I can use that again with 
all the certificate storage and validation you have there), but currently 
there is no such choice.

Jernej Kos.

More information about the kde-core-devel mailing list