Ian,
Ian G wrote:
Nelson B wrote:
[here I have snipped an old message of mine that says that SSL2 servers are hindering the rollout of new optional TLS extensions. ]
Ian, how is that stopping people from using encryption?
Correct me if I am wrong, but it means that the virtual hosts capability in newer versions of SSL v3/TLS v1 are not available.
As many people (me, for example) have limited access to single IPs, this means I can only have one SSL site. Or, more practically, the half dozen of us sharing one server are limited to one SSL site. Luckily I got there first on my server! But it still means that 2 other sites that I want run over SSL cannot be so done.
You still have the ability to use alternate ports for your 2 extra SSL servers, using your single IP. If you must use the same port, all may not be lost. You might be able get a single cert with all 3 hostnames in it, for example. If you want to use different certs or cipher suites, only have one IP address, and must use the same port, then you are indeed stuck today.
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security
