- From: Adrien de Croy <adrien@qbik.com>
- Date: Tue, 27 Jan 2015 19:56:14 +0000
- To: "Martin Thomson" <martin.thomson@gmail.com>
- Cc: "Willy Tarreau" <w@1wt.eu>, "HTTP Working Group" <ietf-http-wg@w3.org>
------ Original Message ------
From: "Martin Thomson" <martin.thomson@gmail.com>
To: "Adrien de Croy" <adrien@qbik.com>
Cc: "Willy Tarreau" <w@1wt.eu>; "HTTP Working Group" <ietf-http-wg@w3.org>
Sent: 28/01/2015 6:32:35 a.m.
Subject: Re: New tunnel protocol

>On 27 January 2015 at 01:01, Adrien de Croy <adrien@qbik.com> wrote:
>>
>> Willy - I think the intention is that this is used whether or not there is
>> TLS in play, but that the ALPN token used in Tunnel-Protocol wouldn't match
>> what is in the ALPN in any tunneled TLS (if any).
>
>The opposite of that. See HTTP/2.
>
>> E.g. if tunneling SMTP over TLS, you'd advertise smtps in the
>> Tunnel-Protocol header, and smtp in the ALPN field in the client helo in
>> TLS.
>
>If "smtps" identifies a profile of SMTP that runs over TLS, both
>places would use that string.
>
>The intent is to have the two match exactly.

Therein the problem. Surely if the next protocol after TLS is smtp, then you don't advertise smtps in the TLS ALPN????

Pretty sure captures I've seen for https only advertise http inside the ALPN field in the TLS client hello message.

Adrien
Received on Tuesday, 27 January 2015 19:57:11 UTC