On Wed, Oct 9, 2019 at 7:31 PM Salz, Rich <rs...@akamai.com> wrote: > > - A link from CDN to Origin is just a particularly easy-to-deploy use > case, since client certificates are already in wide use and IPv6 tends to > work flawlessly. > > > > It does? Gee, cool. > > I was being sarcastic, not angry. I shouldn’t have done so. > > > > But now I am not sure what you are asking for. Asking about CDN to Origin > using ESNI or ESNI with a client cert? >
I'm wondering what the backhaul traffic from CDN to Origin looks like, even if a user-agent request to the CDN used ESNI. I noticed that many CDNs provide client certificates. In TLS handshakes that use a client certificate, it seems like the SNI might be able to be sent with the second message from the client (alongside the client certificate). thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
