|
|
|
|
|
|
by bigiain
4713 days ago
|
|
|
Five (or ten) years ago, NAT was "the solution" – which helped and worked for longer than the doomsayers predicted. Today, I suspect SNI will be the important stop-gap measure. There's a whole bunch of websites out there on shared hosting with dedicated IP(v4) addresses for their vhost just so they can use SSL certs for https connections. If we can ignore Windows XP users and IE6 users, SNI allows SSL certs on shared IP addresses - if I can think of a few dozen "unnecessary" IP addresses this little web development firm consumes, I suspect big hosting companies could probably find thousands or tens of thousands of similarly used IP addresses. (Having said that, analytics still shows a startlingly high number of WinXP and IE6 users out there. It'd be interesting to see if any of them ever "convert" in ways that'd require SSL certs? I understand why the use of pirated XP and 10 year old hardware are rampant across the 3rd world, for _my_ clients that demographic is almost certainly not likely to be ecommerce customers... That's a bit of a personally skewed perspective though, there's no good argument to be made that says wikileaks/twitter/gmail users on old hard/software shouldn't get ssl protection, but I suspect high-end bed linen online shops wouldn't be hurt at all by using SNI and thereby increasing friction for IE6/WinXP users…) |
|
|
That's the problem. A few million addresses would stretch things out by a couple of months.. But the cost of getting a few million websites onto SNI would far exceed any benefit.