< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index  

Re: [reSIProcate] Suggestion regarding Client support for TLS SNI extension.



On 30/07/16 22:42, Udit Raikwar wrote:
> Hello,
> I have created a Pull request[1] in which I am enabling client support
> for TLS SNI extension. 
> Server Name Indication (SNI) is an extension to the TLS computer
> networking protocol by which a client indicates which hostname it is
> attempting to connect to at the start of the handshaking process. It
> allows multiple hostnames to be served over HTTPS from the same IP
> address. (Please read [2] or [3] for more information)
> 
> At present in resiprocate, SNI extension is not supported, to enable sni
> support in client side I have added some code in
> resip/stack/ssl/TlsConnection.cxx file. I have checked the server name
> in 'Client Hello' using wireshark.
> 
> Client Hello without SNI supported: https://i.imgsafe.org/54bf8257b4.png 
> Client Hello with SNI supported: https://i.imgsafe.org/54c253a037.png 
> 
> Does anyone have any suggestions on supporting tls sni extension.
> 


I think it is good to support this

For people who want perfect backwards compatibility it may be nice to
have a configuration option to enable/disable client SNI, does anybody
feel this is essential before we accept Udit's change?