On 15-jul-2005, at 19:14, Ned Freed wrote:
>> If they are, they're probably using some kind of proxy or NAT setup,
>> for instance, having SSL sessions decrypted and then forwarded to the
>> actual server port, making all the sessions seem to come from the
>> same address.
> Exactly. SSL hardware is certainly one reason for such setups.
> Others include
> webmail, content filters, content transformers, auditing/
> monitoring, and IMAP4
> before SMTP coordination.
Ah, the plot thickens.
A good solution here would be a private protocol extension between
the different hosts that provide part of the service. Always good
when you don't have to upgrade the entire internet to solve the
problem at hand. :-)
We already use this trick in a couple of places. But it only works when the
components all come from the same vendor. In many cases they don't. For
example, we often see our IMAP server used with someone else's webmail
interface.
Ned
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf