On Thu, Feb 14, 2019 at 8:24 AM Shane Kerr <sh...@time-travellers.org>
wrote:

> Klaus,
>
> On 14/02/2019 14.00, Klaus Malorny wrote:
> > On 14.02.19 11:03, Shane Kerr wrote:
> >
> >> Is there a write-up on this?
> >>
> >> Thinking about it naively, a demultiplexer really only needs to say
> >> "is there a non-ASCII character in the first 2 or 3 bytes of a TLS
> >> session?".
> >>
> > please think of HTTP/2, which is a binary protocol (although I don't
> > know what the first bytes are). But I guess ALPN (RFC 7301) would do the
> > trick.
>
> I think that HTTP/2 preserves the initial handshake of HTTP/1.1.
>
> But looking at ALPN, it was designed for exactly this multiplexing
> use case. In principle all that would be needed is adding an identifier
> to the ALPN protocol IDs:
>
>
> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
>
> It would also address Joe's concerns about other protocols.
>
> Maybe creating an ALPN protocol ID for DNS-over-TLS is something for the
> DPRIVE working group? 🤔
>

https://mailarchive.ietf.org/arch/browse/dns-privacy/?q=ALPN

https://tools.ietf.org/html/draft-hoffman-dprive-dns-tls-alpn-00

https://www.ietf.org/archive/id/draft-dkg-dprive-demux-dns-http-03.txt

I'd encourage folk to go read the archive (and, again, there is a WG for
this -- https://datatracker.ietf.org/wg/dprive/about/ ).

W



>
> Cheers,
>
> --
> Shane
>


-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
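The thread above contrasts two ways a front end could tell DNS-over-TLS apart from HTTP on a shared port: Shane's "is there a non-ASCII character in the first 2 or 3 bytes" heuristic on the decrypted stream, and the ALPN extension (RFC 7301) in the TLS ClientHello. The following Python is an added example, not code from the thread or from any of the linked drafts. It builds a minimal, constructed ClientHello (zeroed random, one cipher suite), parses the ALPN list out of it with bounds checks so a malformed hello is rejected rather than crashing the demultiplexer, and routes on the first ALPN name it recognises. The "dot" identifier used for DNS-over-TLS is an assumed placeholder standing in for whatever ID the DPRIVE discussion settles on; "h2" and "http/1.1" are the registered HTTP identifiers. It also implements the first-bytes heuristic to show where it misfires: a DNS message whose 2-byte length prefix happens to be printable ASCII looks like HTTP.

```python
import struct

ALPN_EXT_TYPE = 0x0010  # TLS extension type for ALPN (RFC 7301)

# ALPN name -> backend. "dot" is an ASSUMED placeholder for DNS-over-TLS,
# not a registered identifier as of this thread.
SERVICE_BY_ALPN = {"h2": "http2", "http/1.1": "http1", "dot": "dns"}


def build_client_hello(alpn_protocols):
    """Constructed minimal TLS ClientHello record carrying an ALPN extension."""
    names = b"".join(bytes([len(p)]) + p.encode("ascii") for p in alpn_protocols)
    alpn_body = struct.pack("!H", len(names)) + names
    ext = struct.pack("!HH", ALPN_EXT_TYPE, len(alpn_body)) + alpn_body
    body = (b"\x03\x03" + b"\x00" * 32            # legacy_version + zeroed random
            + b"\x00"                               # empty legacy_session_id
            + struct.pack("!H", 2) + b"\x13\x01"    # one cipher suite
            + b"\x01\x00"                           # null compression only
            + struct.pack("!H", len(ext)) + ext)    # extensions block
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def _parse_alpn_list(edata):
    """Decode the ProtocolNameList inside an ALPN extension; raise on inconsistency."""
    list_len = struct.unpack("!H", edata[:2])[0]
    if 2 + list_len != len(edata):
        raise struct.error("ALPN list length mismatch")
    names, q = [], 2
    while q < 2 + list_len:
        n = edata[q]
        if n == 0 or q + 1 + n > 2 + list_len:
            raise struct.error("bad ALPN name length")
        names.append(edata[q + 1:q + 1 + n].decode("ascii"))
        q += 1 + n
    return names


def parse_alpn(record):
    """Return the ALPN names in a ClientHello record, [] if it has no ALPN,
    or None if the bytes are not a well-formed ClientHello (reject, don't guess)."""
    try:
        if record[0] != 0x16:                       # not a handshake record
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < rec_len or hs[0] != 0x01:      # truncated or not ClientHello
            return None
        body_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + body_len]
        if len(body) < body_len:
            return None
        pos = 2 + 32                                # skip legacy_version and random
        pos += 1 + body[pos]                        # legacy_session_id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]   # cipher_suites
        pos += 1 + body[pos]                        # legacy_compression_methods
        if pos == len(body):
            return []                               # no extensions block at all
        ext_end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        if ext_end > len(body):
            return None
        while pos + 4 <= ext_end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            edata = body[pos:pos + elen]
            if len(edata) < elen:
                return None
            pos += elen
            if etype == ALPN_EXT_TYPE:
                return _parse_alpn_list(edata)
        return []
    except (IndexError, struct.error, UnicodeDecodeError):
        return None


def select_backend(record, default="http1"):
    """Demultiplex on ALPN: first name in the client's preference order we know."""
    names = parse_alpn(record)
    if names is None:
        return None                                 # malformed: close the connection
    for name in names:
        if name in SERVICE_BY_ALPN:
            return SERVICE_BY_ALPN[name]
    return default                                  # no ALPN, or nothing we recognise


def guess_from_first_bytes(data):
    """Shane's heuristic on the decrypted stream: printable ASCII in the first
    bytes means HTTP ("GET", "PRI " for the HTTP/2 preface); anything else is
    taken to be the 2-byte DNS length prefix. Unreliable for large DNS messages."""
    head = data[:3]
    if len(head) < 2:
        return None
    return "http" if all(0x20 <= b < 0x7F for b in head) else "dns"


if __name__ == "__main__":
    print(select_backend(build_client_hello(["h2", "http/1.1"])))   # http2
    print(select_backend(build_client_hello(["dot"])))               # dns
    # A DNS message of length 0x4745 with ID 0x54.. starts "GET" on the wire:
    print(guess_from_first_bytes(b"\x47\x45\x54\x00"))               # http (wrong)
```

Note the failure mode the last call shows: a DNS message shorter than 256 bytes has a leading 0x00 and is classified correctly, but once the length prefix reaches printable values the heuristic cannot distinguish it from an HTTP request line, which is why an explicit ALPN identifier is the robust signal for the demultiplexer.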
