On Sat, 2015-07-18 at 21:22 -0400, Dave Garrett wrote:
> There's two issues (basically duplicates) for this topic, as well as
> an inline TODO.
> https://github.com/tlswg/tls13-spec/issues/66
> https://github.com/tlswg/tls13-spec/issues/72
> https://tlswg.github.io/tls13-spec/#server-hello
>
> The current expectation is to separate extensions into unencrypted
> and encrypted, with:
> "The ServerHello MUST only include extensions which are required to
> establish the cryptographic context."
>
> The rest then go into the new EncryptedExtensions message.
> Are there really any extensions that this applies to?

The extensions which indicate the type of server (ALPN) or the name of
server must be able to be sent in the clear. The reason is that
middle-boxes or proxies must be able to determine the actual server to
transfer the session without terminating it.

regards,
Nikos
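
The routing decision described in the reply above, as an added example that is not part of the original message or of any TLS implementation: a pass-through proxy reads the server name and ALPN list from the cleartext ClientHello without terminating the session. The helper names and the sample hostname are assumptions, and the ClientHello is assumed to fit in a single record.

```python
import struct

def _ext(etype, body):
    return struct.pack("!HH", etype, len(body)) + body

def build_client_hello(host, protos):
    """Constructed sample input: a minimal ClientHello record, not a capture."""
    name = host.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    plist = b"".join(bytes([len(p)]) + p.encode() for p in protos)
    exts = _ext(0, sni) + _ext(16, struct.pack("!H", len(plist)) + plist)
    body = (b"\x03\x03" + bytes(32) + b"\x00"      # version, random, empty session_id
            + b"\x00\x02\x13\x01" + b"\x01\x00"    # one cipher suite, null compression
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def peek_routing_info(record):
    """Return (server_name, alpn_list) from a cleartext ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello record")
    data, pos = record[9:], 0   # skip record header (5) and handshake header (4)

    def take(n):
        nonlocal pos
        if pos + n > len(data):
            raise ValueError("truncated ClientHello")
        pos += n
        return data[pos - n:pos]

    def vec(len_bytes):          # length-prefixed vector
        return take(int.from_bytes(take(len_bytes), "big"))

    take(2 + 32)                 # legacy_version, random
    vec(1); vec(2); vec(1)       # session_id, cipher_suites, compression_methods
    data, pos = vec(2), 0        # continue parsing inside the extensions block
    name, protos = None, []
    while pos < len(data):
        etype = int.from_bytes(take(2), "big")
        body = vec(2)
        if etype == 0 and len(body) >= 5 and body[2] == 0:   # server_name, host_name
            end = 5 + int.from_bytes(body[3:5], "big")
            name = body[5:end].decode("ascii", "replace")
        elif etype == 16:                                    # ALPN protocol list
            i = 2
            while i < len(body):
                protos.append(body[i + 1:i + 1 + body[i]].decode("ascii", "replace"))
                i += 1 + body[i]
    return name, protos
```

If these fields were sent only under encryption, `peek_routing_info` would return `(None, [])` and the proxy would have to terminate TLS to choose a backend.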