[Previous] [Next] [Index]
[Thread]
RELEASE: Shen 1.1 PreRelease.
Hello All,
This is to announce a prerelease of the Shen enhanced CERN libwww,
CERN daemon and NCSA-Mosaic. Full details from the Shen URL :-
http://info.cern.ch/hypertext/WWW/Shen/ref/shen_code
Or for those without a WWW browser (in which case why are you reading this
list anyway ?) :-
ftp://info.cern.ch/pub/www/shen
Usual disclaimers, Note that all NCSA's restrictions on Mosaic apply to
ShenMosaic. Note that the RSA library used is the European SecuDE code
>From Darmstatt. Unlike previous versions this code is now incorporated into the
library, there is no need to aquire the whole of SecuDE. US users should remove
this code and replace with RSAREF code to comply with RSA's patent restrictions.
This is not a full public release, the code is unsupported and no undertaking
is made to guarantee backwards compatibility. In particular the following
problems are known to exist :-
1) The code only works on big endian machines (eg Sun). Checking the little
endian version is now a priority.
2) The API does not provide for "slot in" encryption libraries etc as discussed
on this list. This is being actively considered. This question has to
be solved in the context of the whole library though, not just for
the security segment.
[But note, the format of the RSA, DES etc encrypt/decrypt modules
has been chosen to facilitate a modular API]
3) The version supports only the GET method. PUT and POST may work with
encryption, the server has not been modified however.
4) The secret header field is not implemented yet. This is because various
questions to do with proxying need to be thought about.
5) This version does not support SHTTP, does not interface to PGP, RIPEM or
X500 key databases. Authentication of the server by the client is
not enabled even though the code is all written.
Phill Hallam-Baker
Henryk Frystyk
Follow-Ups: