httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Querna <c...@force-elite.com>
Subject Re: AW: SSL enabled name virtual hosts
Date Mon, 06 Mar 2006 10:02:59 GMT
Pl├╝m wrote:
> 
>> -----Urspr├╝ngliche Nachricht-----
>> Von: William A. Rowe, Jr. 
>> Stop bitching about a 10 year old spec.  It's trivial, use a 
>> modern browser (beyond today - none exist yet) that can do 
>> Connection-Upgrade and agree about the text of the headers 
>> before the ssl handshake is performed.  The browser people 
>> haven't caught up, because it's a non-trivial problem to 
>> represent that the agreed-upon connection is secure to the 
>> user, or that a secure connection is available to be toggled, 
>> or whatever.  These aren't https:// requests, they are 
>> http:// with extra semantics.  Modern clients such as remote 
>> printing over http and neon/curl libraries already support it 
>> now, IIUC.  As does httpd 2.2.
> 
> Or wait for RFC3546 (ftp://ftp.rfc-editor.org/in-notes/rfc3546.txt)
> be implemented in the browsers and servers. IE 7 beta is said to
> support it and upcoming openssl 0.9.9 is likely to support it.
> After that we can start implementing in httpd.

httpd can already support it via mod_gnutls.

I didn't know that openssl 0.9.9 is likely to include support for SNI.

If it does, that is great.

I would be happy to write the code for mod_ssl to also support SNI.

-Paul
(The guy who wrote mod_gnutls and all its SNI magic).

Mime
View raw message