|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ARIN Policy on IP-based Web Hosting
It's a far-*left* policy - "We're ARIN, and we know how best everyone's resources should be allocated." A far-right policy would be "Here are these IPs you've requested; use them as you will, but don't come whining back to us for more because you underestimated your initial request." This would be far preferable. The SSL issue is a real one, and I don't know how to get around it. One would assume that this would qualify as an 'exception'; however, how are they going to verify what you're using them for? Are they going to nmap your networks to see if you're really running SSL on the IPs you've requested? -- ------------------------------------------------------------ Roland Dobbins <[email protected]> // 818.535.5024 voice Bill Fumerola wrote: > > On Tue, Aug 29, 2000 at 06:43:30PM -0400, [email protected] wrote: > > > Unless something's changed recently, SSL still requires IP based virtual > > hosting. Here's a clipping from the c2.net Stronghold FAQ: > > > > Should I use name-based or IP-based virtual hosts? > > > > Name-based virtual hosts do not work with SSL because certificates are > > sent before server names are established. Secure virtual hosts must be > > either IP-based or port-based. IP-based virtual hosts are more > > convenient, as users would have to remember the port numbers for > > port-based virtual hosts. > > Nothing has changed. There still is a chicken/egg relationship with trying > to do namebased virtual hosts with SSL. > > You have to know which certificate to present based on the name... > and > ... you don't know the name until the certificate exchange is complete. > > Speaking as a application provider who _has_ to have independent sites > running SSL per customer, I still need a 1:1 relationship with IP and > hosts. > > ARIN need to take a hit off the clue-pipe before coming down with > such a far-right policy. > > -- > Bill Fumerola - Network Architect, BOFH / Chimes, Inc. > [email protected] / [email protected]
|