Re: RFC: Handling of certificates in Debian

To: Henrique de Moraes Holschuh <hmh@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: RFC: Handling of certificates in Debian
From: Stephen Frost <sfrost@snowman.net>
Date: Mon, 2 Sep 2002 13:06:52 -0400
Message-id: <[🔎] 20020902170652.GH24872@ns>
Mail-followup-to: Henrique de Moraes Holschuh <hmh@debian.org>, debian-devel@lists.debian.org
In-reply-to: <20020831115504.GA9008@khazad-dum>
References: <20020830001131.A15775@stargate.galaxy> <20020829223936.GA12632@khazad-dum> <20020830175717.GB19306@mcdonald.org.uk> <20020830215708.GA10758@cs.washington.edu> <20020830231803.GB19478@mcdonald.org.uk> <20020831064251.GC16442@snoopy.apana.org.au> <20020831115504.GA9008@khazad-dum>

* Henrique de Moraes Holschuh (hmh@debian.org) wrote:
> On Sat, 31 Aug 2002, Brian May wrote:
> > (note that I really like this realiance on checking the hostname, for
> > instance it doesn't work properly with virtual name domains under https,
> > but it somehow seems to have become the defacto default, and we seem to
> > be stuck with it for now).
> 
> It can, if the !@#$@#$ browsers implement the altName extension.

Uh, except that on the server side if you're going to have different
certs for different virtual servers then unless they each have their own
IP there's no way for apache to know which cert to use because the SSL
connection and whatnot is set up prior to the HTTP headers being sent.
That's my understanding anyway.

	Stephen

Attachment: pgpUBo9Ar26i9.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: RFC: Handling of certificates in Debian
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: [PHP] Standard placement of PHP libraries?
Next by Date: Re: RFC: A regression test framework for Debian packages?
Previous by thread: Orphaning websec...
Next by thread: Re: RFC: Handling of certificates in Debian
Index(es):
- Date
- Thread