> On 10 Feb 2016, at 5:00 pm, Gary L. Wade <garyw...@desisoftsystems.com> wrote: > > You've made my point. None of my friends would even bother with looking at > the certificate for his site (assuming that's his site from his email > address) and move on. At worst, they'd call me and I'd say don't go there > since I don't want them to screenshot that and text it to me to figure it out.
No, you are misunderstanding me. My point is that it may not be valid to assume the web server at 213.186.33.24 (to which xenonium.com resolves) will answer to HTTPS with a cert for "xenonium.com". For example, https://213.186.33.24 presents the same "hostname mismatch" alert, because the cert is not named for "213.186.33.24". Conduct the same exercise for any A record returned for www.apple.com, and you'll also get this result. Completely expected. Now, if Jean-Daniel has stated definitively that https://xenonium.com is expected to serve up a matching certificate, you have an argument I would agree with. But for all we know (unless I've missed it), he's serving his material at https://ssl13.ovh.net. b _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
