https - hopefully not too stupid a question
chris-ukcrypto at lists.skipnote.org
Sun Jun 17 17:27:05 BST 2012
On Sun, 17 Jun 2012, Peter Fairbrother wrote:
> Does SNI get used every time, or only on request, eg when a single IP address
> hosts many different domains?
SNI involves sending the URL hostname in the clear as part of the TLS
client HELLO, which is the very first packet of every connection, after
the 3-way TCP handshake. At this stage, the client does not know whether
server understands, or wishes to see the SNI. So therefore it's always
sent, regardless. If the server isn't interested, it will simply ignore
Older browsers don't do this. But most things post Win XP do.
More information about the ukcrypto