Esko Dijk <esko.d...@iotconsultancy.nl> wrote:
> Small addendum: Even if RFC 6066 would allow IP literals in a SNI
> (which it doesn't), then it still could not be used by a Pledge. Reason
> is that a Pledge would discover only the IP literal of a Proxy and not
> the one of the Registrar. So the Registrar would receive SNI with an
> incorrect IP address in it in that hypothetical case. So it wouldn't
> work anyway.
Complete agreement.
I don't know if client libraries are smart enough to omit SNI when the
connection is to an IP address, or if they just include the string expression
of the IP address.
As you say, it won't work, so the Registrar, being defensive, needs to just
ignore any SNI.
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
