[Python-ideas] Fwd: PEP 3156: getting the socket or peer name from the transport
Umbrella Code
shane at umbrellacode.com
Sun Jan 27 18:51:32 CET 2013
Thanks Yuval, that's a good example and explanation.
Sent from my iPad
On Jan 27, 2013, at 9:41 AM, Yuval Greenfield <ubershmekel at gmail.com> wrote:
> On Sun, Jan 27, 2013 at 7:11 PM, Umbrella Code <shane at umbrellacode.com> wrote:
>> It's been a few years so my memory must be rusty, but where is the https protocol dependent on the transport/SSL setup in that way?
>>
>> Sent from my iPad
>>
>> Begin forwarded message:
>
> I can't speak for Antoine but I'm guessing he's talking about SNI:
>
> * a VPS server hosts 2 sites with 2 certificates for "mysite.com" and "yoursite.com"
> * the original TCP server has no idea which cert to use as both sites share the same IP address and port.
> * the solution is the client sends the hostname in the TLS handshake.
>
> So the DNS or HTTP line "host: mysite.com" is also used in the TLS layer. This example agrees with Antoine but it's in the reverse direction, so maybe he has another one in mind.
>
> http://en.wikipedia.org/wiki/Transport_Layer_Security#Support_for_name-based_virtual_servers
> http://en.wikipedia.org/wiki/HTTP_Secure#Limitations
> http://en.wikipedia.org/wiki/Server_Name_Indication
>
> Yuval
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20130127/55dcb23b/attachment.html>
More information about the Python-ideas
mailing list