HTTPS Everywhere is a wonderful concept, but of course we need functionality first, which means dealing with the whole PKI issue. So, when stuff is located in countries with limited IPv4 addresses, how can this be accomplished? - Simply put SNI allows for any number of certificates to work on a single IP address. Basically it extends the HTTPS negotiation protocol to include the domain name. Without that, the connection is made to an IP address first, before the domain name is available. - However, there are clients whose support for SNI does not exist, including Blackberry v7.1 and below, Android 2.x and below, and any browser on Windows XP. Current sites have up to 10% of visitors and 5% of customers. So that means what is required is an IP address for each domain name. Also, it means that single domains for an organization, with the domain name being the same as the organization name, is the best approach (when using things like extended validation).
Two drowning men don’t make a swimmer.
— Garel Rhys
- Ten Million Years
- The Problem with H1
- The World Until Yesterday – Book Review
- Paypal vs. Stripe
- WooCommerce Paypal Settings
- Telegram for Social Networking
- Syncthing = Dropbox & GDrive Alternative
- APT – Advanced Package Tool
- Delete Site Cache from Chrome
- Tidying Up Digitally
- Toddler Constipation – Not Pooping!
- Top 10 Basic Video/Photo Mistakes
- Construction Innovation
- Podcast Platforms
- Generic Roadmap
- Reverse Sear Redneck Sous Vide
- New Year 2019 CE / 2562 BE
- DNS Records and Services
- WordPress – Soup to Nuts
- WordPress 5 – Automattic Waterloo