[Wien] Ist Funkfeuer davon betroffen?
Ralf Schlatterbeck
(spam-protected)
Do Okt 28 14:37:29 CEST 2010
On Thu, Oct 28, 2010 at 01:38:40PM +0200, Gregor G. wrote:
> Am 28.10.10 10:51, schrieb Ralf Schlatterbeck:
> > Und das ist für Facebook (und Twitter) nicht ganz einfach zu fixen,
> > weil SSL auf die IP-Adresse geht und nicht auf die Domain.
>
> Also das wäre mir neu...
http://en.wikipedia.org/wiki/Transport_Layer_Security
"From the application protocol point of view, TLS belongs to a lower
layer, although the TCP/IP model is too coarse to show it. This means
that the TLS handshake is usually (except in the STARTTLS case)
performed before the application protocol can start. The name-based
virtual server feature being provided by the application layer, all
co-hosted virtual servers share the same certificate because the server
has to select and send a certificate immediately after the ClientHello
message. This is a big problem in hosting environments because it means
either sharing the same certificate among all customers or using a
different IP address for each of them."
Aber Du hast vermutlich recht, dass das im Fall *einer* Domain und
*vielen* IPs kein Problem ist.
Ralf
--
Ralf Schlatterbeck email: (spam-protected)
Mehr Informationen über die Mailingliste Wien