On Mon, Aug 21, 2000 at 03:15:06PM +0300, Marko Asplund wrote:
> On Mon, 21 Aug 2000, Lutz Jaenicke wrote:
> > ...
> > The browsers don't have the slightest idea on the "server name". The only
> > reliable information is the URL. A hostname being obtained by DNS lookup
> > may already be faked by
On Mon, Aug 21, 2000 at 03:15:06PM +0300, Marko Asplund wrote:
> > The browsers don't have the slightest idea on the "server name". The only
> > reliable information is the URL. A hostname being obtained by DNS lookup
> > may already be faked by someone tampering with your DNS servers (or packets)
>From my experience with a Thawte certificate: I could use a
www.something.co.za certificate for
https, simap, spop and some other things as long as the name used by the
program requesting it, was www.something.co.za. The protocol and ports
did not matter at all.
Hope this helps.
Robert Sandilan
On Mon, 21 Aug 2000, Lutz Jaenicke wrote:
> ...
> The browsers don't have the slightest idea on the "server name". The only
> reliable information is the URL. A hostname being obtained by DNS lookup
> may already be faked by someone tampering with your DNS servers (or packets).
> A server name se
Hi,
> Marko Asplund [SMTP:[EMAIL PROTECTED]] asked:
[...]
> i'm a bit confused by this message. the common name field in the
> certificate signing request is CN=puppa.huuhaa.org. how can it be that
> browsers would give name mismatch warnings if the URL used is not
> https://puppa.huuhaa.org/? do
On Mon, Aug 21, 2000 at 12:55:42PM +0300, Marko Asplund wrote:
> i'm a bit confused by this message. the common name field in the
> certificate signing request is CN=puppa.huuhaa.org. how can it be that
> browsers would give name mismatch warnings if the URL used is not
> https://puppa.huuhaa.org/
