On Sat, 7 Dec 2019, Jochen Bern wrote: > (*) "SNI" is the established name for one *specific* solution of the > general "client connects and *then* selects from several available but > different backends" feature, namely, the one integrated into SSL *and* > interacting with the verification of the server's/backends' X.509 > certificate. If anything, the patch proposals you referred to rather > resemble the "Host:" header introduced into HTTP with protocol version > 1.1, to implement name-based web servers in *pre*-SSL times ... SNI is just a rather bad, privacy-violating, excuse to not use the current version of the Internet Protocol, hiding behind useless crap like NAT or vhosts. I am appalled that TLSv1.3 now requires it and would rather see it utterly abolished. bye, //mirabilos -- «MyISAM tables -will- get corrupted eventually. This is a fact of life. » “mysql is about as much database as ms access” – “MSSQL at least descends from a database” “it's a rebranded SyBase” “MySQL however was born from a flatfile and went downhill from there” – “at least jetDB doesn’t claim to be a database” (#nosec) ‣‣‣ Please let MySQL and MariaDB finally die! _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
