httpd-dev mailing list archives

From Enrico Weigelt <weig...@metux.de>
Subject Re: SSL + name based virtual hosting
Date Sat, 18 Dec 2004 06:19:20 GMT
* William A. Rowe, Jr. <wrowe@rowe-clan.net> wrote:

<snip>
> http://www.ietf.org/rfc/rfc2817.txt
> 
> spells out methods that the server can -insist- that an upgraded
> connection is used, and the client can instigate an upgraded
> connection as well even if the server doesn't require it.
> 
> But under no conditions is https:// valid for an upgraded
> connection.  The connection never left port 80.  The scheme
> http:// describes a connection to (default) port 80 started 
> as clear text, while the https:// scheme describes an explicit 
> SSL connection to (default) port 443.  Upgrade is an addendum
> to the http:// scheme.

What fools are sitting there in the IETF ?!
Couldn't they just define a new protocol (probably running on its
own port) which allows specifying additional headers *before*
SSL handshake starts or another SSL version, which allows passing
additional info from client->server before certs are exchanged/checked ?
Life could be so easy this way - probably too easy ...

Well, those were the same folks who invented IPSEC, which is not
NAT'able.

It seems it's the "we have enough IP addresses"-sickness ...


... it's time to completely redesign HTTP ...


cu
-- 
---------------------------------------------------------------------
 Enrico Weigelt    ==   metux IT service

  phone:     +49 36207 519931         www:       http://www.metux.de/
  fax:       +49 36207 519932         email:     contact@metux.de
  cellphone: +49 174 7066481
---------------------------------------------------------------------
 -- DSL from 0 euros -- static IP -- UUCP -- Hosting -- Webshops --
---------------------------------------------------------------------
