[Python-ideas] Fwd: PEP 3156: getting the socket or peer name from the transport (original) (raw)
Yuval Greenfield ubershmekel at gmail.com
Sun Jan 27 18:41:28 CET 2013
- Previous message: [Python-ideas] Fwd: PEP 3156: getting the socket or peer name from the transport
- Next message: [Python-ideas] Fwd: PEP 3156: getting the socket or peer name from the transport
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sun, Jan 27, 2013 at 7:11 PM, Umbrella Code <shane at umbrellacode.com>wrote:
It's been a few years so my memory must be rusty, but where is the https protocol dependent on the transport/SSL setup in that way?
Sent from my iPad Begin forwarded message: I can't speak for Antoine but I'm guessing he's talking about SNI:
- a VPS server hosts 2 sites with 2 certificates for "mysite.com" and " yoursite.com"
- the original TCP server has no idea which cert to use as both sites share the same IP address and port.
- the solution is the client sends the hostname in the TLS handshake.
So the DNS or HTTP line "host: mysite.com" is also used in the TLS layer. This example agrees with Antoine but it's in the reverse direction, so maybe he has another one in mind.
http://en.wikipedia.org/wiki/Transport_Layer_Security#Support_for_name-based_virtual_servers http://en.wikipedia.org/wiki/HTTP_Secure#Limitations http://en.wikipedia.org/wiki/Server_Name_Indication
Yuval -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-ideas/attachments/20130127/d5bc578f/attachment.html>
- Previous message: [Python-ideas] Fwd: PEP 3156: getting the socket or peer name from the transport
- Next message: [Python-ideas] Fwd: PEP 3156: getting the socket or peer name from the transport
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]