Re: Demultiplexing HTTP and DNS on the same listener [New Version Notification for draft-dkg-dprive-demux-dns-http-02]

On 4 May 2017 at 10:43, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> I address this in the draft section "Why not ALPN?" -- if anyone thinks
> the text there could be improved, I'd be happy to hear suggestions for
> how to change it.

Mike is suggesting that you define one that is "http + dns" or maybe
"http or dns", which would mean that you could use either.  Then you
convince existing HTTP clients to use that (a few browsers would do
the job).  Even if they didn't actually DO DNS, you would still be
able to hide in the mass/mess that they represent.

In TLS 1.3, the server choice is hidden, so even where the server
doesn't pick this choice, it works.  In TLS 1.2, you probably want to
convince a few servers to pick this new thing, but that obviously
means more work for those servers.

Received on Thursday, 4 May 2017 01:12:34 UTC
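
The following is an added example, not part of the original message or of the draft. It parses the ALPN extension (RFC 7301 wire format) that a client sends in the cleartext ClientHello and compares what a passive observer sees from a browser and from a DNS client when both offer the same list. The token `example-http-or-dns` and the DNS-only token are hypothetical placeholders, and the byte strings are constructed samples.

```python
import struct

ALPN_EXT_TYPE = 16  # application_layer_protocol_negotiation (RFC 7301)

def build_alpn_extension(protocols):
    """Encode an ALPN extension as it appears in a ClientHello."""
    names = b"".join(bytes([len(p)]) + p for p in protocols)
    body = struct.pack("!H", len(names)) + names
    return struct.pack("!HH", ALPN_EXT_TYPE, len(body)) + body

def parse_alpn_extension(ext):
    """Return the offered protocol names; raise ValueError if malformed."""
    if len(ext) < 6:
        raise ValueError("truncated extension")
    ext_type, ext_len = struct.unpack("!HH", ext[:4])
    if ext_type != ALPN_EXT_TYPE or ext_len != len(ext) - 4:
        raise ValueError("not a well-formed ALPN extension")
    (list_len,) = struct.unpack("!H", ext[4:6])
    if list_len != ext_len - 2:
        raise ValueError("protocol list length mismatch")
    names, pos = [], 6
    while pos < len(ext):
        n = ext[pos]
        if n == 0 or pos + 1 + n > len(ext):
            raise ValueError("bad protocol name length")
        names.append(ext[pos + 1:pos + 1 + n])
        pos += 1 + n
    return names

def observer_can_distinguish(ext_a, ext_b):
    """The observer sees only the offered lists, not the server's TLS 1.3 choice."""
    return parse_alpn_extension(ext_a) != parse_alpn_extension(ext_b)

# Constructed samples. Both token names below are hypothetical placeholders.
COMBINED = b"example-http-or-dns"
BROWSER = build_alpn_extension([b"h2", COMBINED, b"http/1.1"])
DNS_CLIENT = build_alpn_extension([b"h2", COMBINED, b"http/1.1"])
DNS_ONLY = build_alpn_extension([b"example-dns-only"])

if __name__ == "__main__":
    print(parse_alpn_extension(BROWSER))
    print("shared token distinguishable:", observer_can_distinguish(BROWSER, DNS_CLIENT))
    print("dedicated token distinguishable:", observer_can_distinguish(BROWSER, DNS_ONLY))
```
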