- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Wed, 28 Jan 2015 10:10:17 +0000
- To: ietf-http-wg@w3.org

I haven't been following this discussion fully so apologies if this was covered but I think I've seen various emails in this thread that are assuming that ALPN will be a reliable way to know what protocol is being carried within TLS.

Now that may be true to an extent today, but please bear in mind that ALPN was selected over NPN mostly because it required less change to TLS and could thus be more easily deployed. At the time that the TLS WG made that decision, I believe that they did intend that ALPN values would be encrypted in the TLS1.3 handshake, thus restoring that feature of NPN that had been dropped for pragmatic reasons.

So if the httpbis WG want to make some future uses of ALPN that call for a middlebox to be able to see the value, then I think you should communicate with the TLS folks to see what they plan for this in TLS1.3. (I don't recall that having been discussed since the ALPN/NPN discussions, but there have been a few TLS WG interims that I wasn't at, so it may have been.)

Cheers,
S.

Received on Wednesday, 28 January 2015 10:10:48 UTC