Multiple HTTPS sites on one IP address, was: Re: Self-signed certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi

On Tue 24-Jan-2006 at 10:40:44AM +0100, Ralph Angenendt wrote:
> Chris Croome wrote:
> > 
> >   http://wiki.cacert.org/wiki/VhostTaskForce
> 
> Thank you very much for that information.

No problem, this wiki page isn't the easiest to follow... I'll see if I
can do a better one...

> On the other hand that issue would be much easier if browsers and
> webservers knew how to do "STARTTLS", so that the domain name the
> request is going to is known by the webserver. The session *then* can
> be encrypted with the key for exactly that domain.

Right, this is the RFC that covers this?

- HTTP Over TLS
  http://www.ietf.org/rfc/rfc2818.txt

I'd like to see server and browsers supporting RFC 2817 also, but
I seem to rememeber that when it was raised on Mozilla's bugzilla there
wasn't much support for it... and there are issues with is, see
discussion of it on the Apache site [1]:

- Upgrading to TLS Within HTTP/1.1
  http://www.ietf.org/rfc/rfc2817.txt

Chris

[1] http://www.google.com/search?q=rfc2817+site%3Aapache.org

-- 
Chris Croome                               <chris@xxxxxxxxxxxxxxxxxxx>
web design                             http://www.webarchitects.co.uk/ 
web content management                               http://mkdoc.com/   

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux