Re: [SLUG] Name-based hosting limitation

From: Ian C. Blenke (icblenke@nks.net)
Date: Mon Aug 19 2002 - 17:18:05 EDT

You can, however, listen on multiple ports. By default, https uses 443,
but you can use :444, :10444, etc. As long as the host portion of the
URL resolves to the canonical name that resolves to the IP where the
port is listening on, the cert should match it. If you use a different
port than :443, you must still implicitly use it in the URL.

 - Ian

On Mon, 2002-08-19 at 12:26, Derek Glidden wrote:
> On Sun, 2002-08-18 at 23:02, Paul M Foster wrote:
> > Seems to me I recall reading something about some thing(s) you can't do
> > with name-based hosting. By that, I mean hosting not based on a fixed IP
> > address, but on just the name. Something like you couldn't do SSL or
> > somesuch. Can't for the life of me recall what it was. Anyone know the
> > answer or a link?
>
> Do you mean "dynamic DNS" or "name-based virtual hosts"?
>
> In the former case, anything is possible as long as DNS is accurate and
> up-to-date.
>
> In the latter case, you can only have one SSL cert per IP address by the
> nature of the protocol, and other protocols (like ftp) that connect to a
> the IP dereferenced by the hostname, but don't include the hostname as
> part of the connection, are limited to a single host-per-IP. There are
> other protocols with that limitation, but SSL and FTP are the "biggies".
> Anything run out of inetd will have similar problems. (f.ex. you can't
> have multiple "telnet" hosts on a single IP address.)
>
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> #!/usr/bin/perl -w
> $_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$t=255;@t=map
> {$_%16or$t^=$c^=($m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;
> $t^=(72,@z=(64,72,$a^=12*($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)
> [$_%8]}(16..271);if((@a=unx"C*",$_)[20]&48){$h=5;$_=unxb24,join
> "",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$d=
> unxV,xb25,$_;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=$t&($d
> >>12^$d>>4^$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*
> 8^$q<<6))<<9,$_=$t[$_]^(($h>>=8)+=$f+(~$g&$t))for@a[128..$#a]}
> print+x"C*",@a}';s/x/pack+/g;eval
>
> usage: qrpff 153 2 8 105 225 < /mnt/dvd/VOB_FILENAME \
> | extract_mpeg2 | mpeg2dec -
>
> http://www.cs.cmu.edu/~dst/DeCSS/Gallery/
> http://www.eff.org/ http://www.anti-dmca.org/

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 16:31:05 EDT