[TLS] Server Name Indication (SNI) in an IPv6 world?

=JeffH <Jeff.Hodges@KingsMountain.com> Tue, 26 October 2010 23:34 UTC

What do folks think, will the TLS SNI extension still be employed as much in 
the IPv6 world as it is in the IPv4 world?

The question stems from the simple observation (on some folks' part) of the 
IPv6 world ostensibly having multitudinous addresses available, hence instead 
of virtual-hosting via one IPv4-addressed entity (and employing SNI in order to 
properly have a cert per virtual host, rather than one cert with a multitude of 
subjectAltName:dNSNames), one can instead just multi-home such hosting entities 
with an IPv6 addr per virtual host.

thoughts?

=JeffH