Status of RFC 2817 and RFC 3546 implementations
Submitted by specialj on Wed, 2007-12-19 18:17.
Both of these RFC’s attempt to solve the problem that each SSL website must have its own ip. Or, in other words, they would allow name based virtual hosting for secure (ssl or tls) connections. This question sill comes up frequently as users are surprised that no one has solved this problem in the years since SSL became used for the web. The upside is that Apache now seems to support both standards, RFC 2817 in mod_ssl (2.1 and later) and RFC 3556 in mod_gnutls (0.2.0 and later). It looks like RFC 3546 is implemented in Firefox 2, Opera 8, Konqueror 4, and Internet Explorer 7. The only browser missing is Safari. So it looks like RFC 2817 is dead and RFC 3546 is the way to go. After reading up on mod_gnutls I’m excited to try it out.
- TLS for HTTP
- mod_ssl 2.2
- mod_gnutls
- SSL-enabled Name-based Apache Virtual Hosts with mod_gnutls
- SNI penetration
- Phishing for SNI progress - tantalisingly close?
Trackback URL for this post:
http://hightechsorcery.com/trackback/10
Recent comments
1 week 4 days ago
2 weeks 2 days ago
2 weeks 2 days ago
2 weeks 2 days ago
2 weeks 4 days ago
2 weeks 6 days ago
5 weeks 3 days ago
5 weeks 3 days ago
5 weeks 3 days ago
5 weeks 5 days ago