[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: Re: [TLS] Accepting that other SNI name types will never work.
From: Hubert Kario <hkario () redhat ! com>
Date: 2016-03-07 12:00:54
Message-ID: 2907995.2gNzvv7EmL () pintsize ! usersys ! redhat ! com
[Download RAW message or body]
On Thursday 03 March 2016 20:43:42 Dave Garrett wrote:
> Do we want to stick some simple new constraints on SNI in the TLS 1.3
> draft spec? e.g. SHOULD have exactly one host_name which SHOULD be
> less than N bytes (significantly less than the current theoretical
> 64kB ceiling). Just adding a quick blurb for this in there somewhere
> seems like the simplest solution to me.
The standard says that it must be a valid domain name, and those are
IIRC limited to 255 characters.
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic