BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] My Bank's Web Site is Behaving Oddly
- Subject: [Discuss] My Bank's Web Site is Behaving Oddly
- From: dsr at randomstring.org (Dan Ritter)
- Date: Sat, 7 May 2016 13:05:38 -0400
- In-reply-to: <572E1BE8.1060503@borg.org>
- References: <572A5EFD.1000309@borg.org> <572A698A.1010902@borg.org> <DFEB8F8E-6C8E-421A-9700-1A7E6C39FAB5@polcari.com> <572A6B9A.7030701@borg.org> <bf4d74c2-987f-bdb2-5b46-2dbfc0533a01@mattgillen.net> <572E1BE8.1060503@borg.org>
On Sat, May 07, 2016 at 12:46:32PM -0400, Kent Borg wrote: > On 05/07/2016 08:25 AM, Matthew Gillen wrote: > >On 5/4/2016 5:37 PM, Kent Borg wrote: > >>-kb, the Kent who admits he doesn't know how https works through Akamai > >>and the like. > >It doesn't. Akamai is a TLS termination point. They have the private > >keys of any domain they are proxying for, so they can act as the TLS > >endpoint. > > But TLS can work through a more prosaic proxy, which could do load balancing > and failover stuff. I guess a boring proxy can't serve up cached content > from nearby locations, it has to pass it on encrypted to a machine with the > the right certificate. But it could pass it on wisely and cleverly, couldn't > it? I guess it couldn't do DDoS defense and give each client dedicated IP > addresses, at least not IPv4 addresses. (In a few weeks Apple Store is > going to require ios apps work on IPv6-only networks.) x509 certs don't care about IPs; the browser matches the cert's CN (Common Name) against the domain name it was requesting. -dsr-
- Follow-Ups:
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: kentborg at borg.org (Kent Borg)
- [Discuss] My Bank's Web Site is Behaving Oddly
- References:
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: kentborg at borg.org (Kent Borg)
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: kentborg at borg.org (Kent Borg)
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: joe at polcari.com (Joe Polcari)
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: kentborg at borg.org (Kent Borg)
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: me at mattgillen.net (Matthew Gillen)
- [Discuss] My Bank's Web Site is Behaving Oddly
- From: kentborg at borg.org (Kent Borg)
- [Discuss] My Bank's Web Site is Behaving Oddly
- Prev by Date: [Discuss] My Bank's Web Site is Behaving Oddly
- Next by Date: [Discuss] My Bank's Web Site is Behaving Oddly
- Previous by thread: [Discuss] My Bank's Web Site is Behaving Oddly
- Next by thread: [Discuss] My Bank's Web Site is Behaving Oddly
- Index(es):