> On Jun 17, 2020, at 8:17 PM, Viktor Dukhovni via Exim-users > <exim-users@exim.org> wrote: > > However, its use is recommended: > > https://tools.ietf.org/html/rfc8446#section-4.4.2.2 > > - The "server_name" [RFC6066] and "certificate_authorities" > extensions are used to guide certificate selection. As servers > MAY require the presence of the "server_name" extension, clients > SHOULD send this extension, when applicable.
The recommendation is contextual to cases “when applicable”. This is significant because in applications where the server ignores the extension it’s arguably counterproductive to send it since it discloses the hostname that the client intends to hit. Thus it seems that if the server ignores the extension, it’s better NOT to send it--at least until encrypted SNI becomes practical. -FG -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
