Re: http2 opportunistic security negotiation from Erik Nygren on 2015-02-05 (ietf-http-wg@w3.org from January to March 2015)

From: Erik Nygren <erik@nygren.org>
Date: Thu, 5 Feb 2015 17:21:26 -0500
To: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <CAKC-DJjArVEBCEeY47mKYceP5Lt+RThbKWwp7_WZCOmsoXWbag@mail.gmail.com>

On Thu, Feb 5, 2015 at 11:28 AM, Ilari Liusvaara <
ilari.liusvaara@elisanet.fi> wrote:

>
> Even TLS 1.3 won't encrypt the ALPN (at least as TLS 1.3 currently is).

Why can't the server's ALPN response be in EncryptedExtensions for a TLS
1.3 ServerHello
even if the client's ALPN (a superset so less interesting) is in-the-clear
in the ClientHello?

     Erik

Received on Thursday, 5 February 2015 22:21:54 UTC