[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf-tls
Subject:    Re: [TLS] Accepting that other SNI name types will never work.
From:       Hubert Kario <hkario () redhat ! com>
Date:       2016-03-07 12:00:54
Message-ID: 2907995.2gNzvv7EmL () pintsize ! usersys ! redhat ! com
[Download RAW message or body]


On Thursday 03 March 2016 20:43:42 Dave Garrett wrote:
> Do we want to stick some simple new constraints on SNI in the TLS 1.3
> draft spec? e.g. SHOULD have exactly one host_name which SHOULD be
> less than N bytes (significantly less than the current theoretical
> 64kB ceiling). Just adding a quick blurb for this in there somewhere
> seems like the simplest solution to me.

The standard says that it must be a valid domain name, and those are 
IIRC limited to 255 characters.

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]