Google didnt 'choose' this restriction, its due to a fundamental limitation of the SSL protocol. The current incarnation is not able to support multiple domains per ip address. So the only workaround would be to issue unique IP address*s* per domain - cant just use one in distributed fault tolerent system, and there quite simply getting that amount of IPs would be prohibitively complex and probably expensive.
2009/10/7 johnP <[email protected]>: > > Brake pads are not usable in this system, because Google made a design > choice to not include a pedal and master-cylinder and hydraulics. > And the new fly-by-wire brake pads are not yet viable. That's the > entire point... > > :) > > johnP > > > On Oct 7, 5:58 am, Barry Hunter <[email protected]> wrote: >> The difference is there is viable technology to stop a car already (brake >> pads) >> >> There is no viable technology to ssl enable custom domains in a >> distributed enviroment like appengine. >> >> SNI will allow it, but it doesnt have widespread adoption to be usable >> (its not in IE for >> example!)http://en.wikipedia.org/wiki/Server_Name_Indication >> >> 2009/10/7 johnP <[email protected]>: >> >> >> >> >> >> > Google folks in the past mentioned this as the most likely way to >> > accomplish this task. But it's a real bummer that we need to engage >> > in such hackery... It's like buying a car - then having a lively >> > discussion on a forum - "I have a great idea how to stop it. How >> > 'bout you cut a hole in the floor, and this way, when you need to >> > stop, you can stick your foot on the ground and drag it to a stop..." >> > And then the consensus opinion is "This would work - as long as you >> > bought shoes with thick soles..." >> >> > On Oct 6, 10:14 am, Erem <[email protected]> wrote: >> >> I wanted your opinions on an SSL workaround I'm planning for my >> >> medical app. >> >> >> Let's say my medical app iswww.mymedical.com. >> >> >> The front-end is written in GWT and served from AppEngine via HTTP >> >> fromwww.mymedical.com. It does not even use the datastore. >> >> >> The back-end is a JSON data API at mymedical.appspot.com. It has all >> >> the important stuff: db of users, their medical data, etc. It only >> >> responds to HTTPS. >> >> >> Question: How do we make secure requests for sensitive data without >> >> the loss of branding that occurs when mymedical.appspot.com appears on >> >> the address bar? >> >> >> Answer: Serve all pages fromwww.mymedical.com, and have those pages >> >> execute asynchronous API calls to mymedical.appspot.com. Retrieve >> >> responses by having the server output JSONP (http://bob.pythonmac.org/ >> >> archives/2005/12/05/remote-json-jsonp/) rather than plain JSON. >> >> >> Do any of you guys currently do this? How does it work for you? >> >> >> Erem >> >> -- >> Barry >> > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
