[90468] in Cypherpunks
Re: Search engines and https
daemon@ATHENA.MIT.EDU (Lucky Green)
Wed Nov 19 08:42:55 1997
Date: Thu, 20 Nov 1997 14:12:23 +0100 (CET)
From: Lucky Green <shamrock@cypherpunks.to>
To: Adam Back <aba@dcs.ex.ac.uk>
cc: cypherpunks@Algebra.COM
In-Reply-To: <199711190932.JAA00731@server.test.net>
Reply-To: Lucky Green <shamrock@cypherpunks.to>
On Wed, 19 Nov 1997, Adam Back wrote:
>
> One thing you could do is to have your server use http (no s) iff the
> connection comes from a known search engine. Reasonably easy to do --
> set up an http server, and block all sites, and put in allow
> directives for the search engines.
Then the search engine would list the wrong URL. The idea is to get
people to use crypto. In fact, as soon as I find the time, cypherpunks.to
will reject weak crypto browsers and provide those unfortunate enough to
use such a browser with pointers to upgrade options.
> It's not as if you're insisting on client certs for the HTTPS
server.
Actually, there are pages on the server that do require client certs.
Of course these pages need not be listed in any search engine. But now
that you mention it, it might be fun to set up an automated enrollment
page and require client certs for everything.
-- Lucky Green <shamrock@cypherpunks.to> PGP v5 encrypted email preferred.
"Tonga? Where the hell is Tonga? They have Cypherpunks there?"
