[EMAIL PROTECTED] wrote:
Which has a derivative problem when setting up TLS that the recipient doesn't know which domain it needs to provide a certificate for when the connection is established. IIRC, someone has proposed a solution where the recipient presents a certificate that specifies all of the domains it is authoritative for.
With the TLS extended hello (rfc3546) this is no longer a problem. In an extended hello, the client can include the "server_name" extension to allow the server to present the right certificate. - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 2701 Lucent Lane, Rm. 9F-546, Lisle, Illinois 60532 (USA) Email: [EMAIL PROTECTED],bell-labs.com,acm.org} WWW: http://www.alcatel-lucent.com/bell-labs _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
