[30742] in North American Network Operators' Group
Re: ARIN Policy on IP-based Web Hosting
daemon@ATHENA.MIT.EDU (Bennett Todd)
Tue Aug 29 22:45:10 2000
Date: Tue, 29 Aug 2000 22:43:08 -0400
From: Bennett Todd <bet@rahul.net>
To: nanog@merit.edu
Message-ID: <20000829224308.D16883@oven.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="Q0rSlbzrZN6k9QnT"
Content-Disposition: inline
In-Reply-To: <NEBBLGCJOMNNCGJHPGMMGEEPCGAA.joe@vpop.net>; from joe@vpop.net on Tue, Aug 29, 2000 at 06:25:09PM -0700
Errors-To: owner-nanog-outgoing@merit.edu
--Q0rSlbzrZN6k9QnT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
2000-08-29-21:25:09 Joseph McDonald:
> > Name-based virtual hosting does not work in many, MANY cases.
>=20
> And it doesn't work for POP3 at all.
It can. Just give your users POP logins of the form
user@domain.name.
> If you give your customers their own pop3 server, you will need to
> bind to a different IP for each customer. I don't know of any way
> around that.
Don't give them each their own pop3 server, just give them distinct
accounts per virtual domain on the same pop3 server.
> Same goes for ftp as far as I know.
ftp can't be name-virtual-hosted. It is also such a wretched
protocol that it urgently needs to be retired in all settings for
all purposes.
The only real excuse I'd argue for keeping IP virtual hosts is
https --- but as there's no chance of a secure replacement for HTTP
that works with name virtual hosts getting deployed any time soon,
and as the last legal barrier to universal deployment of https
is falling in just a month, I think ARIN has picked a remarkably
unfortunate time to launch this crusade. If they'd done it a couple
of years ago, maybe it would have helped to nudge some of the folks
who just never bothered to learn how to configure name virtual
hosts into shifting a bit, and possibly this could have helped
provide motivation for designing something better than the current
https, like e.g. a TLS negotiation within http, and maybe we could
be approaching the point where such an improved client might be
widely-enough available. But now there's no helping it, IP virtual
hosts are the primary webserving product for the next bit of a while
anyway.
-Bennett
--Q0rSlbzrZN6k9QnT
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5rHS8L6KAps40sTYRAm7GAJ9WFhC2bltDmfqeLwKFTmo8Kr9MjQCeOvBJ
d9oQIEGmw81UqD56fb11Ldk=
=Y/wF
-----END PGP SIGNATURE-----
--Q0rSlbzrZN6k9QnT--
