2010/1/17 John R Pierce <pie...@hogranch.com>

> Josselin Jacquard wrote:
>
>> Thanks for your response.
>> Let's say A wants to contact B with SSL.
>> A sends an SSL request to B, but C instead of B answers, because C and B
>> have the same address (maybe they are behind the same NAT).
>> C was expecting a call from A, so he accepts the connection.
>>
>> What I'm trying to do is that I want C to detect that he wasn't the
>> destination, therefore I want to put B's name in the SSL connection, but not
>> in the cert issuing from A, because I don't want to issue a new cert for
>> each destination.
>
> um, sounds half baked.
>
> with NAT, the only externally initiated traffic that makes it in from
> outside is traffic that's 'port forwarded'. a given port can only be
> forwarded to one private host, so if you have two hosts that are behind a
> single public IP via NAT that are running services, you would need to use
> two different ports to distinguish them

Yep, I simplified the explanation, but A tries several addresses to contact B, and it might in his attempt contact another unwanted server.

Bye