[147344] in cryptography@c2.net mail archive


Re: [Cryptography] [cryptography] TLS2

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Sep 30 10:10:12 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130930094737.GA9468@netbook.cypherspace.org>
Date: Mon, 30 Sep 2013 11:18:42 +0100
From: Ben Laurie <ben@links.org>
To: Adam Back <adam@cypherspace.org>
Cc: Cryptography Mailing List <cryptography@metzdowd.com>,
	Crypto List <cryptography@randombit.net>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 30 September 2013 10:47, Adam Back <adam@cypherspace.org> wrote:

> I think lack of soft-hosting support in TLS was a mistake - it's another
> reason not to turn on SSL (IPv4 addresses are scarce and can only host one
> SSL domain per IP#, that means it costs more, or a small hosting company can
> only host a limited number of domains, and so has to charge more for SSL):
> and I don't see why it's a cost worth avoiding to include the domain in the
> client hello.  There's an RFC for how to retrofit softhost support via
> client-hello into TLS but it's not deployed AFAIK.
>

Boy, are you out of date:
http://en.wikipedia.org/wiki/Server_Name_Indication.

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography