Ed Gerck wrote:
Ben Laurie wrote:
But doesn't that prove the point? The trust that you consequently
place in the web server because of the certificate _cannot_ be copied
to another webserver. That other webserver has to go out and buy its
own copy, with its own domain name it it.
A copy is something identical. So, in fact you can copy that server cert
to another server that has the same domain (load balancing), and it will
work. Web admins do it all the time. The user will not notice any
difference in how the SSL will work.
Obviously. Clearly I am talking about a server in a different domain.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]