Ben Laurie wrote:
Ian G wrote:
(The big problem of course is that you can use
one cert to describe many domains only if they
are the same administrative entity.)
If they share an IP address (which they must, otherwise there's no
problem), then they must share a webserver, which means they can share a
Certainly they *can* share a cert. But a cert
speaks to identity - at the human level the cert
is supposed to (by some readings) indicate who
the site is purporting to be and in some scenarios,
there are people who think the cert actually
proves that the site is who it claims to be.
So regardless of the technical details of the
underlying software (complex, I grant), websites
SHOULD NOT share a cert.
I don't see why not - the technical details actually matter. Since the
servers will all share a socket, on any normal architecture, they'll all
have access to everyone's private keys. So, what is gained by having
1. Because the activity is being done "in the name
of" the site. When a business "signs" or otherwise
represents a site as purporting to be in the name of
some business, we still want to do it in a way that
separates out that business from every other.
2. The system operator has access to the private
keys, yes, but he's just the agent, and this does
not mean that anyone else has access. We have
systems in place to separate out the protection
of the keys from the rest of the business.
Most small businesses have some level of cooperation
where they share techies, systems, and other services,
so it is probably more seen and more useful in the
SOHO (small office home office) world. Of course,
this is less interesting to the security world,
because there isn't the money to pay for consultants
All the more reason why the software should provide
the best it can for free!
I do agree that the process by which the additional names get added to
the main cert needs to reflect ownership of the name, but that's a
And I'm not claiming, btw, that this mechanism is better than the server
name extension. However, I don't believe its as broken as some are claiming.
Well, sure. For many uses it will be a useful
stopgap measure, until SNI is deployed. It's
only broken if you like a binary world, and you
happen to fall on the zero side of the question.
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]