On Tue, 29 Aug 2000, Roland Dobbins wrote:
The SSL issue is a real one, and I don't know how to get around it.
It's not the only one. I happen to work for a hosting isp and we have had many discussions on this one. None of my collegues have been able to give me the solution to the following issue: As we all know, cname hosting is based on the same IP. Using the IP of a site could be a form of securitychecking. Let me explain: Imagine we have a site on www.foo.bar with the IP 10.0.0.1. Now we have a customer that wants to put sensitive information on www.foo.bar/customersite. This information would me far more secure if the customer would link to http://10.0.0.1/customersite instead of http://www.foo.bar/customersite. Why? It's simple; imagine some lamer writing a trojan that would change your /etc/hosts or C:\windows\hosts files... It happened to a bank in The Netherlands about 2 years ago (published in the magazine Computer Idee for the dutch readers). I think cname hosting will be unavoidable (is that correct english?) in the next few months but every hosting company should be given enough IP's to offer ip-based hosting too, even if it's nog going to be the standard package... And then we are not even talking about those nice PTR records for a host which (I admit) are purely cosmetic but I think it will be a way of being "cool" if you have a PTR for your A when cname hosting get's The Usual Way of business. -- Sabri Berisha `~*-[vuurwerk internet] bofv-ripe@whois.ripe.net Linux / FreeBSD Scriptkiddo hoping-to-be-ccnp-soon my personal opinion yadda yadda