On Wed, Apr 14, 1999 at 09:41:34AM +0200, Ralf S. Engelschall wrote:
> On Tue, Apr 13, 1999, Gary Carroll wrote:
>> I think you may find that you can only use SSL with IP-based vhosts. For
>> name-based vhosts you need to have established the connection to read
>> the Host: header, which for SSL means sending out the appropriate cert
>> for the domain your client is connecting to. If you only have one IP
>> interface there's no way that I know to find out what that domain is.
>> If there _is_ a way I'd love to know about it.
> Unless TLSv2 would provide us with the details about the logically connected
> host, there is _NO_ way, of course. And this will not occur even for TLSv2, I
> think... :-(
This is not about TLSv2, this is about a successor of HTTPS. There's
a draft that recommends using the "Update" header of HTTP to enable
SSL/TLS on the standard HTTP port; i.e. simple tunnelling is abandoned
in favour of integrating the security protocol in the application
protocol. This is similar to what RFC 2487 defines for mail.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
