[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Raq4 / SSL / virtual site

Subject: Re: [cobalt-users] Raq4 / SSL / virtual site
From: elmer@xxxxxxxxxxxxxx
Date: Mon Mar 26 16:54:10 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Tue, 27 Mar 2001, Chris Bell wrote:

} As far as I know you require a separate IP for each SSL certificate... Is
} this just a Cobalt thing or does it apply to SSL in general?

	It's SSL. The protocol upon which it runs does not pass the
headers required to run off a named based scheme.

	Using symbolic links is kind of messy and it's a security
issue in that the owner of site2 then has a doorway into site1 and
vise versa. The ownership of the directories and files have to be
such that the parent site can work with them. The final result is
that users end up with read/write permissions on the files owned by
other users in the symbolically linked file system. Even if none of
them have a clue, which is most often the case, an error by one can
sometimes have far reaching effects.

	It's a lot like a "party line". I don't know if those are
still around but, way back when, it wasn't unusual for many people
to share the same telephone number - each having the ability to
participate in, interrupt or just raise cain during the then
current conversation, even if they were not invited to do so.

References:
- Re: [cobalt-users] Raq4 / SSL / virtual site
  - From: Chris Bell

Prev by Date: Re: [cobalt-users] Attackalert
Next by Date: Re: [cobalt-users] Attackalert
Previous by thread: Re: [cobalt-users] Raq4 / SSL / virtual site
Next by thread: RE: [cobalt-users] Raq4 / SSL / virtual site

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index