An attack on paypal
Matt Crawford
crawdad at fnal.gov
Wed Jun 11 15:13:25 EDT 2003
> The worst trouble I've had with https is that you have no way to use host
> header names to differentiate between sites that require different SSL
> certificates.
True as written, but Netscrape ind Internet Exploder each have a hack
for honoring the same cert for multiple server names. Opera seems to
honor at least one of the two hacks, and a cert can incorporate both
at once.
/C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services
/CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov
/CN=bravo.fnal.gov/CN=charlie.fnal.gov
> So you need to waste IP's for this.
Waste? Heck no, that's what they're for!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list