Re: [reSIProcate] Suggestion regarding Client support for TLS SNI extension.
On 30/07/16 22:42, Udit Raikwar wrote:
> Hello,
> I have created a Pull request[1] in which I am enabling client support
> for TLS SNI extension.
> Server Name Indication (SNI) is an extension to the TLS computer
> networking protocol by which a client indicates which hostname it is
> attempting to connect to at the start of the handshaking process. It
> allows multiple hostnames to be served over HTTPS from the same IP
> address. (Please read [2] or [3] for more information)
>
> At present in resiprocate, SNI extension is not supported, to enable sni
> support in client side I have added some code in
> resip/stack/ssl/TlsConnection.cxx file. I have checked the server name
> in 'Client Hello' using wireshark.
>
> Client Hello without SNI supported: https://i.imgsafe.org/54bf8257b4.png
> Client Hello with SNI supported: https://i.imgsafe.org/54c253a037.png
>
> Does anyone have any suggestions on supporting tls sni extension.
>
I think it is good to support this
For people who want perfect backwards compatibility it may be nice to
have a configuration option to enable/disable client SNI, does anybody
feel this is essential before we accept Udit's change?