> > On Wed, Mar 10, 1999, Juergen Rensen wrote:
>
> >> I tried to setup
> >> virtual SSL hosts on the same IP address, but Apache always returned one
> >> and the same default site. Has this changed?
>
> > No, this cannot be changed. It's the chicken and egg problem HTTP
> > over SSL/TLS always will have unless the SSL/TLS protocol provides
> > information similar to the Host: header of HTTP. But because that
> > can be considered to be not really belong to the SSL/TLS layer it
> > will be never added to TLS, I think.
>
> I've thought about proposing an addition for the HTTP over TLS
> internet draft[1] that could make this possible (although I haven't
> written it down and sent it to the draft author for lack of time until
> now). While the right solution would be to convert from the current
> protocol to something different where the HTTP/1.1 hostname is sent in
> clear before TLS starts up (and such protocols have been proposed),
> for some situations a kludge might be helpful that does not change the
> current protocol structure. Namely: Change the current draft that
> requires that
While this is a somewhat sensible procedure, the ostensible purpose
of this draft is to document current practice. The APPs AD was prety
clear that he wanted another document (Rohit Khare's draft)
which was to be used for future HTTP/TLS work (it uses the upgrade
header).
Given that, I don't think this change is feasible at this time.
-Ekr
[Eric Rescorla [EMAIL PROTECTED]]
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]