Jakob Hirsch wrote:
> Kjetil Torgrim Homme wrote:
>> design of Internet protocols. LDAP, IMAP, SMTP, etc. etc -- it all
>> starts unencrypted and negotiates afterwards.
> Err, there's a $1s counterpart for every protocol you listed, and there
> are pop3s, imaps, nntps, https (which has no STARTTLS, TTBOMK).

ACK.

But in a manner of speaking an https (variant) can have comparable
behaviour.

ISTR that 'modern' http has a provision for specifying 'en clair' which
of several possible domains it seeks on a given IP, such that the server
can (among other things) offer up a matching cert - otherwise
historically a PITA for multi-domain servers on one IP.

'Old' AOLServer 'clusters' also did something similar via effectively
transparently routing a single external IP to multiple backend AOLServers
over unix sockets, & Squid *might* be able to do something similar if
breathed on heavily. Likewise Exim ...

Details escape me, as implementation was/is rare, and it goes against
the 'standards' vs simpler use of 'wildcard' or multi-domain certs ;-)

Bill