Josselin Jacquard wrote:
Thanks for your response.
Let's say A wants to contact B with SSL.
A sends an SSL request to B, but C instead of B answers, because C and B have the same address (maybe they are behind the same NAT).
C was expecting a call from A, so he accepts the connection.

What I'm trying to do is that I want C to detect that he wasn't the destination, therefore I want to put B's name in the SSL connection, but not in the cert issuing from A, because I don't want to issue a new cert for each destination.

um, sounds half baked.

with NAT, the only externally initiated traffic that makes it in from outside is traffic that's 'port forwarded'. a given port can only be forwarded to one private host, so if you have two hosts that are behind a single public IP via NAT that are running services, you would need to use two different ports to distinguish them.



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
