[Rhodes22-list] New Beginnings - Da List
John Lock
jlock at relevantarts.com
Thu Jan 3 13:41:22 EST 2008
At 01:08 PM 1/3/2008 -0500, Robert Skinner wrote:
>* While we can assume that any server John puts
> online will be internally secure, would it be
> possible for Rhodies to log in and access the
> site via a secure link so passwords, etc.
> couldn't be intercepted?
Yes, that will be available (although not as "rhodes22.org"). This
is a really esoteric topic and of little value for most list
members. Feel free to skip the rest unless you're a glutton for
techie details.
The feature that Robert mentions is provided by an SSL certificate,
purchased by the owning organization. The SSL certificate does two
things: 1) Once invoked, it encrypts all traffic between the client
and the server, and 2) It confirms the identity of the website owner.
#2 is the problematic one because there is no "official" Rhodes 22
owner organization. Therefore a certificate authority will not issue
a certificate to an organization that does not exist.
We get around that by using generic certificates based on the
identity of the hosting provider, rather than the hosted
organization. That means - instead of using a web address like
https://www.rhodes22.org/ to invoke the SSL feature, it might look
something like https://raeid22.raenet.com/rhodes22/ (just
speculating here because I haven't set it up yet).
The end result is a secured connection without having to purchase and
maintain a private SSL certificate. The only side-effect is having
to use different URLs for the secured portions of the website. This
is of little concern to most users, since you will most likely just
follow links in web pages, which would coded to take all this into account.
Cheers!
John Lock
~~~~~~~~~~~~~~~~~~
s/v Pandion - '79 Rhodes 22
Lake Sinclair, GA
~~~~~~~~~~~~~~~~~~
More information about the Rhodes22-list
mailing list