On Sun, Sep 23, 2018 at 10:14 AM, Nicolas Mailhot
<nicolas.mailhot@xxxxxxxxxxx> wrote:
??? That's not a Google choice, SNI is one of the
Mandatory-to-Implement
Extensions in TLS 1.3. You'll need it to connect to anything that
claims
TLS 1.3 (which will be everyone as soon as someone publishes a hole in
TLS 1.2)
Of course Google *was* heavily involved in the TLS 1.3 draft, and *is*
working on obsoleting SNI as it exists today in favour of an encrypted
variant.
I didn't know that!
In that case... well, that requires changes in all applications using
GnuTLS that don't already use gnutls_server_name_set(). They will
either need to call gnutls_server_name_set(), or else disable TLS 1.3.
Correct?
Michael
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
