[13584] in cryptography@c2.net mail archive
Re: An attack on paypal
daemon@ATHENA.MIT.EDU (Matt Crawford)
Wed Jun 11 15:43:38 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: Sunder <sunder@sunder.net>
Cc: "Email List: Cypherpunks" <cypherpunks@lne.com>,
"Email List: Cryptography" <cryptography@metzdowd.com>
From: "Matt Crawford" <crawdad@fnal.gov>
In-reply-to: Your message of Wed, 11 Jun 2003 10:56:21 EDT.
<Pine.BSO.4.21.0306111049300.463-100000@anon7.arachelian.com>
Date: Wed, 11 Jun 2003 14:13:25 -0500
> The worst trouble I've had with https is that you have no way to use host
> header names to differentiate between sites that require different SSL
> certificates.
True as written, but Netscrape ind Internet Exploder each have a hack
for honoring the same cert for multiple server names. Opera seems to
honor at least one of the two hacks, and a cert can incorporate both
at once.
/C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services
/CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov
/CN=bravo.fnal.gov/CN=charlie.fnal.gov
> So you need to waste IP's for this.
Waste? Heck no, that's what they're for!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
