[scripts-announce] https://scripts-cert.mit.edu
Jeff Arnold
jbarnold at MIT.EDU
Mon Jan 30 03:17:52 EST 2006
scripts.mit.edu will be changing how it handles SSL connections and
certificate authentication in order to support a greater variety of
applications. Applications that require certificate authentication should
now use a URL that starts with https://scripts-cert.mit.edu in order to
ensure that certificate authentication occurs. Starting Sunday, February
5, URLs starting with https://scripts.mit.edu will not trigger certificate
authentication -- only URLs starting with https://scripts-cert.mit.edu
will cause certificate authentication to occur. If you would like us to
delay this transition, please let us know.
Applications that want to test whether the client accessing the
application has a valid MIT certificate should check the environment
variables starting with SSL_CLIENT [1] rather than simply checking whether
the connection is an SSL connection.
If you have any questions or concerns about this change, please contact us
by e-mailing scripts at mit.edu.
We generally try to avoid making server changes that can potentially
require script modifications. We hope that these kinds of changes will
become increasingly uncommon as the web script service continues to
mature.
[1] For details, see https://scripts-cert.mit.edu/~jbarnold/demo/env.pl
and http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
Jeff Arnold
jbarnold at mit.edu
More information about the scripts-announce
mailing list