Klaus,
On 14/02/2019 14.00, Klaus Malorny wrote:
> On 14.02.19 11:03, Shane Kerr wrote:
>> Is there a write-up on this?
>>
>> Thinking about it naively, a demultiplexer really only needs to say
>> "is there a non-ASCII character in the first 2 or 3 bytes of a TLS
>> session?".
>
> please think of HTTP/2, which is a binary protocol (although I don't
> know what the first bytes are). But I guess ALPN (RFC 7301) would do the
> trick.

I think that HTTP/2 preserves the initial handshake of HTTP/1.1.
But looking at ALPN, it was designed for exactly this multiplexing
use case. In principle all that would be needed is adding an identifier
to the ALPN protocol IDs:
https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
It would also address Joe's concerns about other protocols.
Maybe creating an ALPN protocol ID for DNS-over-TLS is something for the
DPRIVE working group? 🤔
Cheers,
--
Shane
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
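
An added example, not part of the original message or of any project's code: a sketch of the ALPN-based demultiplexing discussed above, reading the ALPN extension (RFC 7301) out of a ClientHello and choosing a backend. The "dot" protocol ID, the backend names and the sample record are assumptions made for illustration, and the ClientHello is assumed to arrive in a single TLS record.

```python
ALPN_EXT = 16  # TLS extension type application_layer_protocol_negotiation
# Assumed routing table; "dot" is an assumed ALPN ID for DNS-over-TLS.
BACKENDS = {b"dot": "dns", b"h2": "http", b"http/1.1": "http"}

def _vec(buf, off, width):
    """Read a length-prefixed vector; return (body, next_offset)."""
    n = int.from_bytes(buf[off:off + width], "big")
    end = off + width + n
    if end > len(buf):  # also catches a truncated length prefix
        raise ValueError("vector overruns buffer")
    return buf[off + width:end], end

def alpn_from_client_hello(record):
    """Return the ALPN protocol IDs offered in a TLS ClientHello record."""
    if len(record) < 9 or record[0] != 22 or record[5] != 1:
        raise ValueError("not a ClientHello handshake record")
    body, _ = _vec(record, 6, 3)   # handshake body, uint24 length
    off = 2 + 32                   # skip legacy_version and random
    for width in (1, 2, 1):        # session_id, cipher_suites, compression
        _, off = _vec(body, off, width)
    if off == len(body):
        return []                  # hello carries no extensions
    exts, _ = _vec(body, off, 2)
    off = 0
    while off < len(exts):
        ext_type = int.from_bytes(exts[off:off + 2], "big")
        data, off = _vec(exts, off + 2, 2)
        if ext_type == ALPN_EXT:
            names, _ = _vec(data, 0, 2)  # ProtocolNameList
            out, i = [], 0
            while i < len(names):
                name, i = _vec(names, i, 1)
                out.append(name)
            return out
    return []

def route(record, default="http"):
    """First recognised ALPN ID picks the backend; otherwise the default."""
    known = [BACKENDS[n] for n in alpn_from_client_hello(record) if n in BACKENDS]
    return known[0] if known else default

def sample_hello(protos):
    """Constructed minimal ClientHello record offering the given ALPN IDs."""
    names = b"".join(bytes([len(p)]) + p for p in protos)
    alpn = len(names).to_bytes(2, "big") + names
    exts = b"\x00\x10" + len(alpn).to_bytes(2, "big") + alpn
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + len(exts).to_bytes(2, "big") + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + len(hs).to_bytes(2, "big") + hs
```

Clients that send no ALPN extension fall through to the default backend, which keeps existing HTTPS clients working; input that is not a well-formed ClientHello raises ValueError so the caller can drop the connection.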