httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: Upcoming 'Upgrade' draft
Date Wed, 21 Jul 1999 12:58:45 GMT
Dean Gaudet wrote:
> 
> On Mon, 19 Jul 1999, Ben Laurie wrote:
> 
> > "Ritcey, Benjamin" wrote:
> > >
> > > [de-lurk]
> > >
> > > If I'm understanding this correctly, this would allow the long-sought-after
> > > SSL virtual host, no?
> >
> > You mean name-based SSL virtual hosts, I presume? In which case, yes.
> > IP/port-based SSL virtual hosts have always been possible, of course.
> 
> I'm not convinced ... it feels to me like there's a privacy problem if the
> client sends anything unencrypted other than the "please let's do ssl"
> request.

The "please let's do ssl" request include the Host: header, as per the
spec. If you want to debate this, you are on the wrong list :-)

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

Mime
View raw message