At 09:48 04/07/98 +0100, you wrote:
>> 5) I read somewhere that I can get a Thawte certificate (maybe anybody's
>> cert?) associated with a wildcard domain name e.g. *.SCL.co.uk. If that's
>> the case it surely makes sense to do it so that I can play around with the
>> names later on if necessary. Are there any drawbacks to doing that?
>
>Technically no, but you are obviously downgrading the level of trust
>that one can apply to the cert - you are using a generic 'site' cert, as
>opposed to one for that particular server, and that introduces an
>elelement of doubt into the trust equation. And no, you can't get
>anybody's - Versign, for example, specifically disallow 'special'
>characters.
I'm a bit foxed by that response. I can see your point about "downgrading
the level of trust" _in_the_abstract_ but the nuts'n'bolts elude me! I
don't understand at what point in the whole process the domain name against
which the certificate is issued is actually referenced. This domain name is
presumably embedded in the certificate, and at some point (or points) this
name is compared to.... some other name... But which name, and by what, and
when??? If that's too darn complicated to explain, perhaps someone could
point me at some documentation.
TIA
John Sutton
***************************************************
John Sutton
SCL Computer Services
URL http://www.scl.co.uk/
Tel. +44 (0) 1239 621021
***************************************************