On 15-jul-2005, at 19:14, Ned Freed wrote:
>> If they are, they're probably using some kind of proxy or NAT setup, >> for instance, having SSL sessions decrypted and then forwarded to the >> actual server port, making all the sessions seem to come from the >> same address.
> Exactly. SSL hardware is certainly one reason for such setups. > Others include > webmail, content filters, content transformers, auditing/ > monitoring, and IMAP4 > before SMTP coordination.
Ah, the plot thickens.
A good solution here would be a private protocol extension between the different hosts that provide part of the service. Always good when you don't have to upgrade the entire internet to solve the problem at hand. :-)
We already use this trick in a couple of places. But it only works when the components all come from the same vendor. In many cases they don't. For example, we often see our IMAP server used with someone else's webmail interface. Ned _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf