69 lines
3 KiB
Text
69 lines
3 KiB
Text
SSL support for Lynx 2.8.5pre.1
|
|
-- adapted from http://www.mentovai.com/lynx/
|
|
|
|
Lynx, in its unmodified form, will not allow you to make secure socket layer
|
|
(SSL) connections. SSL is used for the secure transfer of information over the
|
|
Internet. Many sites are now requiring SSL to ensure security for themselves
|
|
and their users. With a version of Lynx modified to support SSL, Lynx users
|
|
can now visit these sites with ease as well.
|
|
|
|
The SSL configure option (--with-ssl) for Lynx provides the ability to make use
|
|
of SSL over HTTP for secure access to web sites (HTTPS) and over NNTP for
|
|
secure access to news servers (SNEWS). SSL is handled transparently, allowing
|
|
users to continue accessing web sites and news services from within Lynx
|
|
through the same interface for both secure and standard transfers.
|
|
|
|
This is based on, and requires, the OpenSSL library. OpenSSL's distribution
|
|
and use may be restricted by licenses and laws. For information on obtaining
|
|
OpenSSL, as well as information on its distribution, see
|
|
|
|
http://www.openssl.org/
|
|
|
|
The main distribution site is at
|
|
|
|
ftp://ftp.openssl.org/source/
|
|
|
|
Lynx also has experimental support for GnuTLS (configure option --with-gnutls).
|
|
For information on GnuTLS, see
|
|
|
|
http://www.gnu.org/software/gnutls/
|
|
|
|
To test your version of Lynx for SSL support, try it out with an SSL site.
|
|
Below are secure (https) pages which will load if your browser contains SSL
|
|
support and you accept their certificates; they give you some information about
|
|
the connection.
|
|
|
|
https://www.gnutls.org:5555/
|
|
https://www2.ggn.net/cgi-bin/ssl
|
|
|
|
Lynx will complain about the certificate, since the certificate presented is
|
|
untrusted. You may accept this certificate to test your configuration, since
|
|
it is a test, but it is a bad idea to blindly accept certificates from unknown
|
|
websites if you are transmitting form data or files.
|
|
|
|
You should review the document README.sslcerts for a detailed discussion of
|
|
correct certificate handling possibilities and procedures in lynx.
|
|
|
|
Users are reminded to check the laws and regulations about encryption software
|
|
in their own countries.
|
|
|
|
Here is the URL for US notification rules:
|
|
|
|
http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html
|
|
|
|
Note that that isn't a typo; it really is "Nofify". The site contains
|
|
links to the full EAR regulations.
|
|
|
|
Lynx is GPL'd, for our own use it falls under the regulations in EAR section
|
|
740.13(e)(1):
|
|
|
|
(1) Encryption source code controlled under 5D002, which would be
|
|
considered publicly available under section 734.3(b)(3) and
|
|
which is not subject an express agreement for the payment a
|
|
licensing fee or royalty for commercial production or sale of
|
|
any product developed with the source code, is released from
|
|
EI controls and may be exported or reexported without review
|
|
under License Exception TSU, provided you have submitted
|
|
written notification to BXA of the Internet location (e.g.,
|
|
URL or Internet address) or a copy of source code by the time
|
|
of export.
|