Re: http2 opportunistic security negotiation

On Fri, Feb 6, 2015 at 9:21 AM, Erik Nygren <erik@nygren.org> wrote:

> On Thu, Feb 5, 2015 at 11:28 AM, Ilari Liusvaara <
> ilari.liusvaara@elisanet.fi> wrote:
>
>>
>> Even TLS 1.3 won't encrypt the ALPN (at least as TLS 1.3 currently is).
>
>
>
> Why can't the server's ALPN response be in EncryptedExtensions for a TLS
> 1.3 ServerHello
> even if the client's ALPN (a superset so less interesting) is in-the-clear
> in the ClientHello?
>

That is my expectation, since it falls into the category of extensions
"which are not needed to establish the cryptographic context"

-Ekr


>      Erik
>
>

Received on Friday, 6 February 2015 00:04:28 UTC