[ietf78-tech] Fwd: Certificates for the IETF
Geert Jan de Groot
geertj at psg.com
Thu Jul 15 13:40:16 PDT 2010
On Wed, 14 Jul 2010 13:43:46 -0700 John Kemp wrote:
> IP for the webpage has to be on the VLAN of the client.
> Name for that IP has to resolve to match the certificate.
> IP for that Name has to work when the client fetches it.
I'm probably missing something, but:
How about using using split DNS? If a DNS request comes from
vlan 112, we give the portal IP on vlan 112, if the DNS
request comes in on vlan 128, we give the portal IP on vlan 128.
Both IP addresses share the same hostname & certificate.
What am I missing?
(I'm not sure how many non-WPA-capable 802.11A clients we'll
encounter, but that's another thing)
GJ
More information about the ietf78-tech
mailing list