At 08:38 AM 12/22/2004, Enrico Weigelt wrote:
>* Graham Leggett <[EMAIL PROTECTED]> wrote:
>
><snip>
>> You forget that there is a trust issue here. SSL brings with it not only
>> encryption, but certification of the data that's being sent. If the SSL
>> protocol somehow allowed external unprotected and untrusted information
>> (like the name of the virtual host as you propose) into the equation,
>> you would lose the whole point of the SSL.
>
>I don't see any problem with that.
>If something like an additional host-header is sent before the handshake
>starts, it's just a kind of multiplexer - allows several different
>virtual hosts (not just only for http) sitting on the same socket.

Enrico - apparently you came into http about 10 years too late for the
world to appreciate and adopt your wisdom. The entire community has been
well aware of this shortcoming, you seem surprised? Apparently this was
news to you?

You are describing RFC 2817. I already explained some of the issues (if
you were reading). Dig into the ietf http archives for discussion of why
it's broken from a UI perspective.

Not only did the IETF toss out a solution, the IETF participants and
implementors have mostly ignored that solution, for its many shortcomings
and weaknesses. However, device communication developers (network
printers etc) think it's a lovely solution and have actively adopted it!

>Okay, okay, it's getting OT ...
>Was just an example that IETF doesn't stand for well-engineered
>standards these days.

This is entirely off topic, httpd-dev is not an IETF discussion list.
Please submit your solution as an RFC draft and go through the process
on that channel. In the meantime, drop this absurd thread until those
IETF participants school you in protocol design.

Either that, or do something productive, wander off to Mozilla, and
advocate for the integration of RFC 2817 and solve some of the thorny
UI problems that it presents.

http://rfc.net/rfc2817.html

Your diatribes are getting stale, sorry if they've rubbed me the wrong way.

Bill