Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
proposal: crypto/tls: add an API to allow registering custom TLS extensions #25807
The TLS protocol includes several points of extensibility, including list of TLS extensions. The values in these lists identify implementation capabilities. TLS follows a model where one side, usually the client, advertises capabilities and the peer, usually the server, selects them.
Currently support for TLS extensions is implemented in
Problem with this approach is that (i) adding new extensions requires code changes in
I would like to evaluate an idea of an API that allows users of "crypto/tls" to register theirs own implementation of TLS extensions. This would be useful for rarely used TLS extensions or those ones which are in kind of "draft" phase. From one hand - it would be good to have a possibility of supporting them to some extend, from the other hand Go team wouldn't need to maintain them.
Idea would be to provide similar code that's already available in boringssl (see
I'm not sure yet what are downsides of such code. Thoughts?