Joe Orton wrote:
Making sure that mod_ssl's existing access control options work correctly in an SNI configuration is the critical item (and has proven to be non-trivial), otherwise it opens up security holes.Kaspar Brand did a bunch of great work on this last year; I have not had time to fully review and integrate that yet. There is an outstanding patch from Kaspar which is not on the trunk yet, the thread below has the details:http://thread.gmane.org/gmane.comp.apache.devel/34360/focus=34493
Is there a bugzilla entry that keeps track of this?I keep seeing criticism on various lists from people who see SNI stalled but don't know why, it would be great to be able to tell them "go see bug X, add your 2c".
Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
