Can we copy trust?
Ben Laurie
ben at links.org
Mon Jun 2 22:36:55 EDT 2008
Ed Gerck wrote:
> Ben Laurie wrote:
>> But doesn't that prove the point? The trust that you consequently
>> place in the web server because of the certificate _cannot_ be copied
>> to another webserver. That other webserver has to go out and buy its
>> own copy, with its own domain name it it.
>
> A copy is something identical. So, in fact you can copy that server cert
> to another server that has the same domain (load balancing), and it will
> work. Web admins do it all the time. The user will not notice any
> difference in how the SSL will work.
Obviously. Clearly I am talking about a server in a different domain.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list