rfc2487bis-04: Failed negotiations & virtual hosting
I had a couple of comments on the new draft:
1. You might want to mention what happens if the TLS negotiation fails in a
non-recoverable way. In these cases, the connection is simply dropped.
(Since the encryption is out of skew, there is no way for a client to
send a QUIT command or a server to send an error back to the client).
2. As Paul Hoffman and I discussed at IETF, there may be a virtual hosting
problem that will necessitate a change. For example, smtp.gshapiro.net
does virtual hosting for about 50 domains. If a client expects the
certificate CN and the hostname to match, there needs to be some way to
communicate that information. HTTP has HTTP/1.1 or the Server: line to
indicate the requested server. SMTP will need the same if the server is
to be able to determine which certificate to send.
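The virtual-hosting problem in point 2, as an added example that is not part of the original mail: a Python sketch of the certificate-selection step on a server hosting several mail domains, showing that a client which checks the certificate name against the hostname fails unless it tells the server which name it wants. Hostnames and certificate fields are constructed, the matching rule follows the later RFC 6125 convention (dNSName SANs first, CN only as fallback, wildcard only as the whole left-most label), and no real keys or TLS are involved.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

@dataclass
class Cert:
    """The identity fields of an X.509 cert that matter for this check (constructed)."""
    subject_cn: str
    san_dns: List[str] = field(default_factory=list)

def select_cert(certs: Dict[str, Cert], default: str, requested: Optional[str]) -> Cert:
    """Server side: choose the certificate for the name the client indicated.
    With no indication the server can only present its default certificate."""
    if requested is None:
        return certs[default]
    return certs.get(requested.lower().rstrip("."), certs[default])

def _name_matches(pattern: str, host: str) -> bool:
    """One presented name vs. the hostname; wildcard allowed only as the whole left-most label."""
    if pattern == host:
        return True
    if pattern.startswith("*."):
        labels = host.split(".")
        return len(labels) >= 3 and ".".join(labels[1:]) == pattern[2:]
    return False

def cert_matches_host(cert: Cert, host: str) -> bool:
    """Client side: dNSName SANs are checked; the CN only when no dNSName SAN exists."""
    host = host.lower().rstrip(".")
    names = [n.lower() for n in cert.san_dns] or [cert.subject_cn.lower()]
    return any(_name_matches(n, host) for n in names)

def starttls_identity(certs, default, connect_host, indicate_name):
    """Outcome of the cert-selection step: the CN the client accepts, or None
    when the client would refuse the certificate and drop the connection."""
    cert = select_cert(certs, default, connect_host if indicate_name else None)
    return cert.subject_cn if cert_matches_host(cert, connect_host) else None

# Constructed virtual-hosting setup: one server, three hosted mail domains.
HOSTED = {
    "smtp.example.org": Cert("smtp.example.org", ["smtp.example.org"]),
    "mail.example.net": Cert("mail.example.net", ["mail.example.net", "*.example.net"]),
    "mx.example.com": Cert("mx.example.com"),
}
DEFAULT = "smtp.example.org"

if __name__ == "__main__":
    for host in HOSTED:
        print(host, "no name sent:", starttls_identity(HOSTED, DEFAULT, host, False),
              "| name sent:", starttls_identity(HOSTED, DEFAULT, host, True))
```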