Yet MORE https.
Oct. 6th, 2004 01:37 am

So in the wellwhadayaknow department, it appears that it IS theoretically possible to build an https demux as I had originally intended! It turns out that although an https server must (without any info from the client) identify itself with a single certificate, signed by a single trusted CA, and containing a single Distinguished Name (which is expected to be the fully-qualified domain name of the server), there is a workaround.
A certificate may have an optional SubjectAlternativeName extension, which may contain an arbitrary number of DNSName fields, each of which is a domain name that is valid for the server. In fact, in the PKI Class 4 recommendation, the Distinguished Name is recommended to NOT be an fqdn, and any fqdn should appear in a DNSName field, even if there is only one.
So far no browser that I am aware of supports this feature for https connections, so this is only of theoretical use. On the other hand, unlike http/tls, which requires a fair bit of work to implement, the DNSName system is easy to implement and already exists in a number of open source SSL libraries, so it is likely to be a common feature by this time next year. The big question is: how long after that will it be safe to use? I'm still supporting HTTP 1.0 on this server (1.1 came out in 2001), but I'm told that it's now extremely rare in anything but bots.
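As an added illustration (not code from the original post), here is the client-side check a browser has to implement for the DNSName scheme to work: following the RFC 2818 rule, when a certificate carries subjectAltName dNSName entries those are the server's identities and the Distinguished Name's CN is ignored; only a certificate with no dNSName entries falls back to the CN. The certificate contents are constructed sample values.

```python
"""Hostname matching against an X.509 identity (RFC 2818 section 3.1 style).

If subjectAltName dNSName entries are present they are the only identities
considered; the CN is ignored. A wildcard is honoured only as the entire
leftmost label and must leave at least two labels after it.
"""
from dataclasses import dataclass, field
from typing import List


@dataclass
class CertIdentity:
    common_name: str
    san_dns_names: List[str] = field(default_factory=list)


def _name_matches(pattern: str, hostname: str) -> bool:
    # DNS names are case-insensitive; a trailing dot is not significant
    p = pattern.lower().rstrip(".")
    h = hostname.lower().rstrip(".")
    if p == h:
        return True
    if not p.startswith("*."):
        return False
    suffix = p[2:]
    # reject "*.com"-style patterns and anything with a second wildcard
    if "*" in suffix or "." not in suffix:
        return False
    head, sep, tail = h.partition(".")
    # the wildcard covers exactly one non-empty label
    return sep == "." and head != "" and tail == suffix


def hostname_matches(cert: CertIdentity, hostname: str) -> bool:
    if cert.san_dns_names:
        return any(_name_matches(n, hostname) for n in cert.san_dns_names)
    return _name_matches(cert.common_name, hostname)


# constructed sample: one certificate for the "https demux", CN is not a fqdn
DEMUX_CERT = CertIdentity(
    common_name="Example Web Demux",
    san_dns_names=["www.example.org", "blog.example.org", "*.example.net"],
)

# constructed sample: an older single-name certificate with the fqdn in the CN
LEGACY_CERT = CertIdentity(common_name="www.example.org")
```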