From: Gustaf N. <ne...@wu...> - 2014-04-12 12:54:56
One more update:

There is now an additional feature in NaviServer to allow a site admin to add extra reply header fields with little effort. The nssock and nsssl drivers accept a new parameter extraheaders which contains an attribute/value list of extra reply header fields.

By using e.g.

    ns_section ns/server/${servername}/module/nsssl
    ...
    ns_param extraheaders { Strict-Transport-Security "max-age=31536000; includeSubDomains"}
    ...

one can activate HTTP Strict Transport Security (HSTS) for https connections. With this activated, one can obtain an "A+" rating with NaviServer + ssl from Qualys SSL Labs.

all the best
-gustaf neumann

http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
http://dev.chromium.org/sts
https://tools.ietf.org/html/rfc6797

On 10.04.14 11:53, Gustaf Neumann wrote:
> Dear Friends,
>
> the bitbucket repository contains a new version of the nsssl module of
> NaviServer that makes it easier to obtain from Qualys SSL Labs an "A"
> rating with actual versions of openssl by supporting more ciphers.
>
> All the best
> -gustaf neumann
>
> New in Version 0.5:
> - Support for Elliptic Curve Cryptography
>   (such as Elliptic Curve Diffie-Hellman (ECDH))
> - Provide compiled-in defaults for DH parameters
> - Handling several SSL and TLS bugs.
> - Deactivated SSLv2
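
An added example, not part of the original message or of NaviServer: a Python check that a Strict-Transport-Security value such as the one configured above is a valid RFC 6797 policy and is served only over https (extraheaders exists on both nssock and nsssl, and browsers ignore HSTS received over plain http). The function names and the header lists passed in are assumptions made for illustration.

```python
import re

# RFC 6797 section 6.1 directive: token [ "=" ( token | quoted-string ) ].
# Simplification: quoted values that contain ";" are rejected as malformed.
_TOKEN = r"[A-Za-z0-9!#$%&'*+.^_`|~-]+"
_DIRECTIVE = re.compile(r'^(%s)(?:\s*=\s*("?)([^";]*)\2)?$' % _TOKEN)

def parse_hsts(value):
    """Return (max_age, include_subdomains) or raise ValueError."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:                      # empty directives are allowed
            continue
        m = _DIRECTIVE.match(part)
        if not m:
            raise ValueError("malformed directive: %r" % part)
        name = m.group(1).lower()         # directive names are case-insensitive
        if name in seen:                  # each directive may appear only once
            raise ValueError("duplicate directive: %s" % name)
        seen[name] = m.group(3)           # None when the directive has no value
    age = seen.get("max-age")
    if age is None or not re.fullmatch(r"[0-9]+", age):
        raise ValueError("max-age is required and must be delta-seconds")
    if seen.get("includesubdomains") is not None:
        raise ValueError("includeSubDomains takes no value")
    return int(age), "includesubdomains" in seen

def audit(scheme, headers):
    """headers: (name, value) pairs of one response. Returns a list of findings."""
    values = [v for n, v in headers if n.lower() == "strict-transport-security"]
    if not values:
        return ["no Strict-Transport-Security header"] if scheme == "https" else []
    findings = []
    if scheme != "https":
        findings.append("header sent over plain HTTP; browsers ignore it there")
    if len(values) > 1:
        findings.append("multiple headers; only the first is processed")
    try:
        max_age, _ = parse_hsts(values[0])
    except ValueError as exc:
        return findings + ["invalid policy: %s" % exc]
    if max_age == 0:
        findings.append("max-age=0 removes the HSTS policy")
    return findings
```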