Jump to content

SSL Providers

kers7754

By kers7754
in General Discussion

 Share

Recommended Posts

  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

epretorious Senior Member

epretorious

Posted
Posted
well ive been a webhost since 1999 and ive not come across many hosts that use SSL though SNI due to securtiy issues

 

More FUD. Please provide some credible references instead of just crapping all over the Internet.

 

...certainly the information given is not FUD, and still represents current best practice.

 

And the reason for that... SNI is not universally supported on all platforms/browser combinations, most notably WinXP/IE (and some other browsers IIRC). Compounding the problem, WinXP still has >20% of the desktop browser market (http://gs.statcounter.com/#os-ww-monthly-201204-201304) leaving a potentially large pool of people that won't be able to use a SNI-enabled site.

 

Thus, for many sites that must use SSL (eg eCommerce) SNI is still not (and may not be for a long time) a viable option.

 

I understand your position that SNI is not a viable solution because >20% of the browser market does not support it, Brian. But I believe that easyhosting is doing the community a disservice by claiming that SNI is insecure without providing some credible references. BTW: Thanks for the reference to statcounter.com.

0
Link to comment
Share on other sites
brianr Senior Member

brianr

Posted
Posted

WRT my "information given is not FUD" comment: I was making a generalization regarding the general purview that SNI is not a viable option, and was not commenting specifically on any security implications to SNI. To that point, I stand behind my assertion that the general distaste for SNI is not FUD in and of itself.

 

As far as security goes, as I have no intention to use SNI (for the reasons stated above -- my servers have too high a percentage of commerce sites to justify the few IPs that might be saved vs. the WinXP headaches), I'm not verse on any security implications it may have.

0
Link to comment
Share on other sites
  • 3 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept