[thelist] inaddr arpa, AOL, SSL

Aaron Johnson ajohnson at mindseye.com
Tue Apr 17 16:44:22 CDT 2001


> Did you try an nslookup on the www2 Domain? Does that resolve to
> the proper IP?
	== Yeah, I did an nslookup on www2.  That returns fine.


> AFAIK - SSL doesn't need a reverse lookup to set up a valid
> connection. Besides the reverse lookup would be done by the server
> about "you" (FTP and Telnet and SSH work this way).
	== I believe you. But... :)  When I ask the server for its credentials
(client --> server) via IP, it tells me it's www2.somedomain.com.  To make
an SSL connection, don't I then need to verify that www2.somedomain.com is
who it says it is by doing a reverse lookup?  If not, couldn't joe schmoe
ISP then change its DNS records to point to itself and then steal credit
card numbers from a supposedly secure site?


Aaron Johnson, MCSE, MCP+I
Allaire Certified ColdFusion Developer
MINDSEYE, Inc.
<phn>617.350.0339
<fax>617.350.8884
<icq>66172567
ajohnson at mindseye.com
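
Added example, not part of the original message: a Python sketch of the name check an SSL/TLS client makes, comparing the name it asked for against the names inside the certificate the server presents, with no forward or reverse DNS query involved. The certificates, the ISP host name and the IP address are constructed for illustration, and validation of the certificate chain against a trusted CA is assumed to happen separately.

```python
# Added example: names and certificates below are constructed for illustration.
import ipaddress

def _label_match(pattern, host):
    """Match one DNS name; '*' is allowed only as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # A wildcard covers exactly one label and needs two fixed labels after it.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def identity_matches(requested, cert):
    """True if the name the client asked for appears in the certificate.

    `cert` has the dict shape returned by ssl.SSLSocket.getpeercert().
    No DNS query, forward or reverse, happens here.
    """
    sans = cert.get("subjectAltName", ())
    if _is_ip(requested):
        # An IP literal only matches an IP entry in the certificate.
        want = ipaddress.ip_address(requested)
        return any(k == "IP Address" and ipaddress.ip_address(v) == want
                   for k, v in sans)
    dns_names = [v for k, v in sans if k == "DNS"]
    if not dns_names:  # legacy fallback to commonName when no DNS entry exists
        dns_names = [v for rdn in cert.get("subject", ())
                     for k, v in rdn if k == "commonName"]
    return any(_label_match(n, requested) for n in dns_names)

# Constructed certificates: the real site's, and one issued to a different host.
SITE_CERT = {"subject": ((("commonName", "www2.somedomain.com"),),),
             "subjectAltName": (("DNS", "www2.somedomain.com"),)}
OTHER_CERT = {"subject": ((("commonName", "www.some-isp.example"),),),
              "subjectAltName": (("DNS", "www.some-isp.example"),)}

if __name__ == "__main__":
    print(identity_matches("www2.somedomain.com", SITE_CERT))   # asked by name
    print(identity_matches("192.0.2.10", SITE_CERT))            # asked by IP
    print(identity_matches("www2.somedomain.com", OTHER_CERT))  # DNS pointed elsewhere
```

The second call models connecting by IP to a server whose certificate names only www2.somedomain.com; the third models DNS for that name being pointed at a host that holds a certificate for a different name.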