[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Distribution of Authentication Certificates

Robert Bihlmeyer wrote:
> Bernd Eckenfels <lists@lina.inka.de> writes:
> > On Sun, Mar 16, 2003 at 09:35:00PM +0100, Robert Bihlmeyer wrote:
> > > TLS/SSL is a perfectly fine protocol with self-signed certificates.
> >
> > Unfortunatelly it does not support named based virtual hosts,
> mozilla has some code to allow matching multiple hosts with the cn
> (you can list them, and I think something like *.foo.bar is also
> possible). Dunno if that is standardised somewhere.

Netscape 4- uses the following scheme:

(See "Subject Common Name" a bit further down)

I think Mozilla works the same way, plus it supports the "subjectAltName"
SSLv3 extension (as does Internet Explorer 5+, but not Opera 7-!).


Reply to: