Soften SNI requirement #1459

Closed
martinthomson opened this issue Jun 19, 2018 · 2 comments
Labels: -http, editorial (An issue that does not affect the design of the protocol; does not require consensus.)

Comments

@martinthomson
Member

hq mandates use of the server_name extension rather too strongly.

> The Server Name Indication (SNI) extension [RFC6066] MUST be included in the TLS handshake.

RFC 7540 is much weaker on this point.

> The TLS implementation MUST support the Server Name Indication (SNI) [TLS-EXT] extension to TLS. HTTP/2 clients MUST indicate the target domain name when negotiating TLS.

If we are to allow SNI encryption, then we should adopt similar language.

@martinthomson added the editorial and -http labels on Jun 19, 2018
@MikeBishop
Contributor

I'm fine with that change. It seems a little bit of a stretch to read into that language that an alternative to SNI is acceptable, though. I'm almost inclined to add "...MUST indicate the target domain name when negotiating TLS using SNI or another mechanism." just to highlight that SNI isn't the only compliant option.

@MikeBishop
Contributor

@martinthomson, the point of my previous comment was that I don't believe Jana's PR clearly fixes this issue.
