On Tue, Sep 27, 2011 at 5:29 PM, David E. Smith <dave@mvn.net> wrote:
On Tue, Sep 27, 2011 at 17:08, Jimmy Hess <mysidia@gmail.com> wrote:
That is, HTTPs should become assumed. As much as that would be wonderful from a security standpoint, IMO it's not realistic to expect every mom-and-pop posting a personal Web site to pay extra for a static/dedicated IP address from their hosting company (even if IPv6 were widely deployed, Web hosts probably would
Thanks to TLS SNI (server name indication), a dedicated IP address is no longer necessarily, RFC 3546, 3.1. Yes, it is realistic to expect every mom-and-pop posting a personal web site to utilize a provider that implements SNI, and the sooner they do it. It's also realistic to expect them to buy one of those $15 SSL certificates. Heck.... 1 year .COM registration used to cost a lot more than that. We're not talking about huge recurring costs here. -- -JH