Re: http2 opportunistic security negotiation from Eric Rescorla on 2015-02-06 (ietf-http-wg@w3.org from January to March 2015)

From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 6 Feb 2015 11:03:19 +1100
To: Erik Nygren <erik@nygren.org>
Cc: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <CABcZeBMk6UE7cHg5t_MhhhATgWmTMk6J_BEohXd98cd0-z1yrg@mail.gmail.com>

On Fri, Feb 6, 2015 at 9:21 AM, Erik Nygren <erik@nygren.org> wrote:

> On Thu, Feb 5, 2015 at 11:28 AM, Ilari Liusvaara <
> ilari.liusvaara@elisanet.fi> wrote:
>
>>
>> Even TLS 1.3 won't encrypt the ALPN (at least as TLS 1.3 currently is).
>
>
>
> Why can't the server's ALPN response be in EncryptedExtensions for a TLS
> 1.3 ServerHello
> even if the client's ALPN (a superset so less interesting) is in-the-clear
> in the ClientHello?
>

That is my expectation, since it falls into the category of extensions
"which are not needed to establish the cryptographic context"

-Ekr


>      Erik
>
>

Received on Friday, 6 February 2015 00:04:28 UTC