At 08:38 AM 12/22/2004, Enrico Weigelt wrote:
>* Graham Leggett <[EMAIL PROTECTED]> wrote:
>
><snip>
>> You forget that there is a trust issue here. SSL brings with it not only 
>> encryption, but certification of the data that's being sent. If the SSL 
>> protocol somehow allowed external unprotected and untrusted information 
>> (like the name of the virtual host as you propose) into the equation, 
>> you would lose the whole point of the SSL.
>
>I don't see any problem with that. 
>If something like an additional host-header is sent before the handshake
>starts, it's just a kind of multiplexer - allows several different 
>virtual hosts (not just only for http) sitting on the same socket.

Enrico - apparently you came into http about 10 years too late
for the world to appreciate and adopt your wisdom.  The entire
community has been well aware of this shortcoming, you seem
surprised?  Apparently this was news to you?

You are describing RFC 2817.  I already explained some of the
issues (if you were reading).  Dig into the ietf http archives
for discussion of why it's broken from a UI perspective.

Not only did the IETF toss out a solution, the IETF participants
and implementors have mostly ignored that solution, for its many 
shortcomings and weaknesses.

However, device communication developers (network printers etc) 
think it's a lovely solution and have actively adopted it!

>Okay, okay, it's getting OT ...
>Was just an example that IETF doesn't stand for well-engineered 
>standards these days.

This is entirely off topic, httpd-dev is not an IETF discussion
list.  Please submit your solution as an RFC draft and go through
the process on that channel.  In the meantime, drop this absurd 
thread until those IETF participants school you in protocol design.

Either that, or do something productive, wander off to Mozilla, 
and advocate for the integration of RFC 2817 and solve some of
the thorny UI problems that it presents.

http://rfc.net/rfc2817.html

Your diatribes are getting stale, sorry if they've rubbed me
the wrong way.

Bill
