about summary refs log tree commit diff stats
path: root/docs/README.ssl
diff options
context:
space:
mode:
Diffstat (limited to 'docs/README.ssl')
-rw-r--r--docs/README.ssl69
1 files changed, 69 insertions, 0 deletions
diff --git a/docs/README.ssl b/docs/README.ssl
new file mode 100644
index 00000000..c9d1c79e
--- /dev/null
+++ b/docs/README.ssl
@@ -0,0 +1,69 @@
+SSL support for Lynx 2.8.5pre.1
+-- adapted from http://www.mentovai.com/lynx/
+
+Lynx, in its unmodified form, will not allow you to make secure socket layer
+(SSL) connections.  SSL is used for the secure transfer of information over the
+Internet.  Many sites are now requiring SSL to ensure security for themselves
+and their users.  With a version of Lynx modified to support SSL, Lynx users
+can now visit these sites with ease as well.
+
+The SSL configure option (--with-ssl) for Lynx provides the ability to make use
+of SSL over HTTP for secure access to web sites (HTTPS) and over NNTP for
+secure access to news servers (SNEWS).  SSL is handled transparently, allowing
+users to continue accessing web sites and news services from within Lynx
+through the same interface for both secure and standard transfers.
+
+This is based on, and requires, the OpenSSL library.  OpenSSL's distribution
+and use may be restricted by licenses and laws.  For information on obtaining
+OpenSSL, as well as information on its distribution, see
+
+	http://www.openssl.org/
+
+The main distribution site is at
+
+	ftp://ftp.openssl.org/source/
+
+Lynx also has experimental support for GnuTLS (configure option --with-gnutls).
+For information on GnuTLS, see
+
+	http://www.gnu.org/software/gnutls/
+
+To test your version of Lynx for SSL support, try it out with an SSL site.
+Below are secure (https) pages which will load if your browser contains SSL
+support and you accept their certificates; they give you some information about
+the connection.
+
+	https://www.gnutls.org:5555/
+	https://www2.ggn.net/cgi-bin/ssl
+
+Lynx will complain about the certificate, since the certificate presented is
+untrusted.  You may accept this certificate to test your configuration, since
+it is a test, but it is a bad idea to blindly accept certificates from unknown
+websites if you are transmitting form data or files.
+
+You should review the document README.sslcerts for a detailed discussion of
+correct certificate handling possibilities and procedures in lynx.
+
+Users are reminded to check the laws and regulations about encryption software
+in their own countries.
+
+Here is the URL for US notification rules:
+
+	http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html
+
+Note that that isn't a typo; it really is "Nofify". The site contains
+links to the full EAR regulations.
+
+Lynx is GPL'd, for our own use it falls under the regulations in EAR section
+740.13(e)(1):
+
+    (1) Encryption source code controlled under 5D002, which would be
+        considered publicly available under section 734.3(b)(3) and
+        which is not subject an express agreement for the payment a
+        licensing fee or royalty for commercial production or sale of
+        any product developed with the source code, is released from
+        EI controls and may be exported or reexported without review
+        under License Exception TSU, provided you have submitted
+        written notification to BXA of the Internet location (e.g.,
+        URL or Internet address) or a copy of source code by the time
+        of export.