>From Wikipedia (http://en.wikipedia.org/wiki/Secure_Sockets_Layer):
"SSL v2 is disabled by default in Internet Explorer 7,[8] Mozilla Firefox 2 and Mozilla Firefox 3,[9] and Safari. After it sends a TLS ClientHello, if Mozilla Firefox finds that the server is unable to complete the handshake, it will attempt to fall back to using SSL 3.0 with an SSL 3.0 ClientHello in SSL v2 format to maximize the likelihood of successfully handshaking with older servers.[10] Support for SSL v2 (and weak 40-bit and 56-bit ciphers) has been removed completely from Opera as of version 9.5.[11]" I vaguely remember having to enable TLS support in IE once long ago for some web sites ... so I think this is more accepted now that you we might think. -- Jake > -----Original Message----- > From: Dave Steinberg [mailto:[email protected]] > Sent: Monday, June 22, 2009 9:47 AM > To: [email protected] > Subject: Re: [Pound Mailing List] TLS named virtual hosts and Pound > > Matti Aarnio wrote: > > The Pound proxy web page says that "one can not do named virtual > hosts > > on HTTPS, because the protocol does not support it". This used to > > be true, but necessary specification got ratified as standards track > > RFC in August 2006. Apprently it is not well known... > > > > The RFC 4366 defines extensions mechanism on TLS, and few extensions. > > One of those is "Server Name Indication", whereby the TLS client > tells > > the TLS server, which virtual server subsystem it is interested in. > > Any idea what the browser support is like? I was under the impression > that this wasn't really worth implementing yet because browser support > made it a nonstarter. But maybe that's changed? > > Regards, > -- > Dave Steinberg > http://www.geekisp.com/ > http://www.steinbergcomputing.com/ > > -- > To unsubscribe send an email with subject unsubscribe to > [email protected]. > Please contact [email protected] for questions. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
