thanks for the link. but what would be really nice is if the link could
be automatically included in the email (as part of the signature) while
being sent out. two caveats on dynamic ip domains 1) no-ip.com has a wildcard certificate so it could m-i-t-m anything it wanted since it also controls the dns 2) a very remote possibility that in the few seconds between your ip changing and your domain getting updated (or in case your machine goes down for quite some time, no-ip dosent get updated and keeps pointing to the last reported dynamic ip, and someone else gets your dynamic ip) someone else could get another cert issued if he gets your old dynamic ip. sorry i guess i cant help you out of ssl virtual hosting, cos i havent heard of anything better than mod_gnutls so far SithLord wrote: --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. SeeOn Tuesday 25 July 2006 11:26, Emmanuel E wrote:if youre worried about a man in the middle attack but still want a poor man's hosting you could get a one month trial certificate from rapidssl.com for practically any domain (including dynamic ones like mysite.no-ip.com.) during the trial period (they basically set the certificate to expire in a month's time) you can be free of m-i-t-m attacks. but even after the trial period all you have is an expired certificate - which except for the date and the browser pop-up which says that the cert has expired is still free from m-i-t-m attacks.That's a good point.im sorry i didnt follow the entire thread so am not sure if the above will help you in anyway. it would be nice if each message from the list would include a http link to a message thread somewhere...The mailing list archives: http://mail-archives.apache.org/mod_mbox/httpd-users/200607.mbox/browser Page 5 as of this writing. |