Sunder <[EMAIL PROTECTED]> writes:

> The worst trouble I've had with https is that you have no way to use host
> header names to differentiate between sites that require different SSL
> certificates.
> i.e. can't all live on the same IP and
> have individual ssl certs for https. :(  This is because the cert is
> exchanged before the http 1.1 layer can say "I want" 
> So you need to waste IP's for this.  Since the browser standards are
> already in place, it's unlikely to be to find a workaround.  i.e. be able
> to switch to a different virtual host after you've established the ssl
> session.  :(
This is being fixed. See draft-ietf-tls-extensions-06.txt


[Eric Rescorla                                   [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to