Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] My Bank's Web Site is Behaving Oddly

On Sat, May 07, 2016 at 12:46:32PM -0400, Kent Borg wrote:
> On 05/07/2016 08:25 AM, Matthew Gillen wrote:
> >On 5/4/2016 5:37 PM, Kent Borg wrote:
> >>-kb, the Kent who admits he doesn't know how https works through Akamai
> >>and the like.
> >It doesn't. Akamai is a TLS termination point.  They have the private
> >keys of any domain they are proxying for, so they can act as the TLS
> >endpoint.
> But TLS can work through a more prosaic proxy, which could do load balancing
> and failover stuff. I guess a boring proxy can't serve up cached content
> from nearby locations, it has to pass it on encrypted to a machine with the
> the right certificate. But it could pass it on wisely and cleverly, couldn't
> it? I guess it couldn't do DDoS defense and give each client dedicated IP
> addresses, at least not IPv4 addresses.  (In a few weeks Apple Store is
> going to require ios apps work on IPv6-only networks.)

x509 certs don't care about IPs; the browser matches the cert's
CN (Common Name) against the domain name it was requesting.


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /