RE: Distribution of Authentication Certificates

To: "Bernd Eckenfels" <lists@lina.inka.de>
Cc: <debian-devel@lists.debian.org>
Subject: RE: Distribution of Authentication Certificates
From: "Julian Mehnle" <lists@mehnle.net>
Date: Thu, 27 Mar 2003 15:02:05 +0100
Message-id: <[🔎] EHEOIEJMBFBKCKMPHFJKCEOHDDAA.lists@mehnle.net>
In-reply-to: <[🔎] 87of42z6f5.fsf@orcus.priv.at>

Robert Bihlmeyer wrote:
> Bernd Eckenfels <lists@lina.inka.de> writes:
> > On Sun, Mar 16, 2003 at 09:35:00PM +0100, Robert Bihlmeyer wrote:
> > > TLS/SSL is a perfectly fine protocol with self-signed certificates.
> >
> > Unfortunatelly it does not support named based virtual hosts,
>
> mozilla has some code to allow matching multiple hosts with the cn
> (you can list them, and I think something like *.foo.bar is also
> possible). Dunno if that is standardised somewhere.

Netscape 4- uses the following scheme:

http://wp.netscape.com/eng/security/ssl_2.0_certificate.html#Site
(See "Subject Common Name" a bit further down)

I think Mozilla works the same way, plus it supports the "subjectAltName"
SSLv3 extension (as does Internet Explorer 5+, but not Opera 7-!).

Julian.

Reply to:

Follow-Ups:
- Re: Distribution of Authentication Certificates
  - From: Bernd Eckenfels <lists@lina.inka.de>

References:
- Re: Distribution of Authentication Certificates
  - From: Robert Bihlmeyer <robbe@orcus.priv.at>

Prev by Date: Re: BHS: Bug help system
Next by Date: Bug#186485: ITP: emacsbidi -- Emacs-bidi based on GNU Emacs-21.3.50 with Arabic and Hebrew support
Previous by thread: Re: Distribution of Authentication Certificates
Next by thread: Re: Distribution of Authentication Certificates
Index(es):
- Date
- Thread