Multiple HTTPS sites on one IP address, was: Re: [CentOS] Self-signed certificates
Chris Croome
chris at webarchitects.co.uk
Tue Jan 24 09:57:22 UTC 2006
Hi
On Tue 24-Jan-2006 at 10:40:44AM +0100, Ralph Angenendt wrote:
> Chris Croome wrote:
> >
> > http://wiki.cacert.org/wiki/VhostTaskForce
>
> Thank you very much for that information.
No problem, this wiki page isn't the easiest to follow... I'll see if I
can do a better one...
> On the other hand that issue would be much easier if browsers and
> webservers knew how to do "STARTTLS", so that the domain name the
> request is going to is known by the webserver. The session *then* can
> be encrypted with the key for exactly that domain.
Right, this is the RFC that covers this?
- HTTP Over TLS
http://www.ietf.org/rfc/rfc2818.txt
I'd like to see server and browsers supporting RFC 2817 also, but
I seem to rememeber that when it was raised on Mozilla's bugzilla there
wasn't much support for it... and there are issues with is, see
discussion of it on the Apache site [1]:
- Upgrading to TLS Within HTTP/1.1
http://www.ietf.org/rfc/rfc2817.txt
Chris
[1] http://www.google.com/search?q=rfc2817+site%3Aapache.org
--
Chris Croome <chris at webarchitects.co.uk>
web design http://www.webarchitects.co.uk/
web content management http://mkdoc.com/
More information about the CentOS
mailing list