You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
hq mandates use of the server_name extension rather too strongly.
The Server Name Indication (SNI) extension [RFC6066] MUST be included in the TLS handshake.
RFC 7540 is much weaker on this point.
The TLS implementation MUST support the Server Name Indication (SNI) [TLS-EXT] extension to TLS. HTTP/2 clients MUST indicate the target domain name when negotiating TLS.
If we are to allow SNI encryption, then we should adopt similar language.
The text was updated successfully, but these errors were encountered:
I'm fine with that change. It seems a little bit of a stretch to read into that language that an alternative to SNI is acceptable, though. I'm almost inclined to add "...MUST indicate the target domain name when negotiating TLS using SNI or another mechanism." just to highlight that SNI isn't the only compliant option.
hq mandates use of the server_name extension rather too strongly.
RFC 7540 is much weaker on this point.
If we are to allow SNI encryption, then we should adopt similar language.
The text was updated successfully, but these errors were encountered: