W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2013

Re: Framing and control-frame continuations

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 07 Feb 2013 14:21:21 +1300
Message-ID: <51130191.9050601@treenet.co.nz>
To: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
CC: ietf-http-wg@w3.org
On 7/02/2013 6:06 a.m., Ilari Liusvaara wrote:
> On Thu, Feb 07, 2013 at 12:47:08AM +1300, Amos Jeffries wrote:
>> Magic" below.  I've been holding this off while I try to figure out
>> what bit ranges the TLS handshakes are detectible with. It seems
>> 32-bits is required if we merge TLS port 443 traffic into this
>> magic, but I'm not yet completely certain of that.
> AFAIK, the first bytes from client in current TLS connections are:
> 0x16 (Handshake packet)
> 0x03 (SSLv3 or TLS v1.x)
> 0x00-0x03 (At least until TLSv1.3 appears, that would use 0x04).
> Then there's the SSLv2 compatiblity handshake. Hope nothing uses
> that anymore.
> -Ilari

Thank you. I was loosing hope of finding these in the TLS RFC's.

So the relevant magic for TLS is F=0,C=0, type=0x16, top byte of the 
length field being non-0x0. Meaning we can distinguish it easily from 
WebSockets and HTTP/2 client. Good news there.

Received on Thursday, 7 February 2013 01:21:51 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:10 UTC