Usually I use IP addresses for all application rules, however StartSSL Certificate Revocation checking is doing my head in. They use Akamai to host their Certificate Revocation Lists and their IP addresses are continuously changing all the time, which is a PITA as my svchost allow rules keep needing updating.
I’ve never used Host Names before, so was wondering whether it was possible to use ‘Host Name’ for the rules, instead of IP addresses and add crl.startssl.com as a host name. But I just carried out a quick test with my browser by adding a ‘block IP out from MAC to google.com and www[.]google.com’, but the browser still loaded Google without any problems, indicating that it doesn’t work as I thought it would.
So, what exactly is ‘Host Name’ for and how is it supposed to work? The only thing it says in the Help files is “You can choose a named host by selecting a Host Name which denotes your IP address”, which doesn’t really help much.