Well, that is true, but what do you propose then? just present a host cert and nothing else? I would say that if the company trust the hosting for running the service, a mere certficate should not be the problem, should it?

On 10/13/05, Juha Heinanen <jh@tutpro.com> wrote:

cesc,

you made a good summary, but in multi-domain case, it is not just a
technical problem on how to present or offer a domain specific
certificate. in order to be able to do that, the domains have to
surrender their private keying information to a provider that currently
happens to host their sip service, and to another provider that hosts
their web service, and to third provider that hosts their e-commerce
service, etc.

in most cases, this is simply out of question. companies are not going
to do it.

-- juha