An attack on paypal
Matt Crawford
crawdad at fnal.gov
Wed Jun 11 12:13:25 PDT 2003
> The worst trouble I've had with https is that you have no way to use host
> header names to differentiate between sites that require different SSL
> certificates.
True as written, but Netscrape ind Internet Exploder each have a hack
for honoring the same cert for multiple server names. Opera seems to
honor at least one of the two hacks, and a cert can incorporate both
at once.
/C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services
/CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov
/CN=bravo.fnal.gov/CN=charlie.fnal.gov
> So you need to waste IP's for this.
Waste? Heck no, that's what they're for!
More information about the cypherpunks-legacy
mailing list