Re: [TCLUG:12613] Reasons not to use Apache?

[Dave Sherohman <esper@usinternet.com>]

Carl Wilhelm Soderstrom said:
>         however, am I off-base in wondering if SSH should be used in this
> case? as I understand it, it shouldn't be significantly more work; and if
> someone calls and wonders about "hackers stealing their information on that
> Internet!"; you can honestly tell them that the whole thing is encrypted
> very securely.

As for me, I assume that, if both machines have telnet-ssl installed, it'll
automatically grab this sort of connection.  But I don't know if that's
correct.  (Actually, now that I stop to think about it, I don't think it is.
If I do a manual telnet to a nonstandard port, I don't see the SSL key
information...)

My boss, on the other hand, seems to consider most security concerns to be
'worrying about some all-powerful cracker' and then turns around and compares
it to people sitting in church because they're 'worried about some
all-powerful being'.  (We actually did some custom modifications for a
customer who wanted communications to be encrypted and he spent more time
coming up with ways to arrange it so that it would be up to them to implement
than it would've taken to just configure the damn thing to run over HTTPS or
SSL instead of plain HTTP.  *sigh*)

-- 
Geek Code 3.1:  GCS d- s+: a- C++ UL++$ P+>+++ L++>++++ E- W--(++) N+ o+ !K
w---$ O M- !V PS+ PE Y+ PGP t 5++ X+ R++ tv- b++ DI++++ D G e* h+ r++ y+