Re: RFS: schooltool
On Tue, Sep 07, 2004 at 10:17:41AM +0200, Andreas Schuldei wrote:
> practically, to be properly packaged for debian and debian-edu, i
> would like to see it operate with ssl by default, so no password
> go over the wire (or air, in case of wlan!) in the clear.
I propose to create the following packages:
schoolbell-ssl:
This depends on apache-ssl and sets up an apache virtual host that
proxys all requests to the schoolbell-ssl server. So communication to
apache-ssl from the outside world is over https and communication from
apache-ssl to schoolbell-ssl over 127.0.0.1 is in the clear. By default
the schoolbell-ssl server will only listen on 127.0.0.1.
(My computer is currently set up in this way, I only have to generalize
the config and put it in a package)
However, the SSL certificate for apache-ssl will still need to be set
up by the user or possibly through debconf pre-seeding.
schoolbell:
Does not depend on apache-ssl and by default listens to all interfaces
with all communication in the clear. Uses a different
port/database/config file to schoolbell-ssl so both packages are
installable at the same time with default configurations and will not
stomp each other.
schoolbell-common:
The arch-indep part of the program without configuration.
libschoolbell:
The few arch-dependent .so files that are needed.
Rationale:
* It is important to provide a package without a dependency on
apache-ssl as some people will not want to install this. Unfortunately
this package cannot use ssl by default.
Comments?
--
Brian Sutherland
Reply to: