On Sun, 23 Apr 2017 21:00:49 +0300 Tuomo Soini <[email protected]> wrote:
> > This seems like the wrong take-away. I agree that SNI support is > > important, but I'd also expect if the project decides to take this > > hard-line stance on SNI client support that it be done consistently > > so 100% of requests without SNI fail. > > No. We go without SNI requirement as far as we can. There are several > systems in our infrastructure and there is no simple way to go without > SNI requirement on Finland server. This is result of careful planning, > not just random configuration. I did some experiments and managed to get https://download.libreswan.org to work without SNI. But that only means https://libreswan.org/ requires SNI to work which was why we didn't want to do this before. But as all real browsers nowadays do support SNI this might be better way around. -- Tuomo Soini <[email protected]> Foobar Linux services +358 40 5240030 Foobar Oy <http://foobar.fi/> _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
