maskit opened a new issue, #10089:
URL: https://github.com/apache/trafficserver/issues/10089
> QUIC version 1 uses TLS version 1.3 or greater as its handshake
protocol. HTTP/3 clients MUST support a mechanism to indicate the
target host to the server during the TLS handshake. If the server is
identified by a domain name ([DNS-TERMS]), clients MUST send the
Server Name Indication (SNI; [RFC6066]) TLS extension unless an
alternative mechanism to indicate the target host is used.
https://www.rfc-editor.org/rfc/rfc9114.html#section-3.2-2
What to do on the server side doesn't seem to be defined, but we can
probably use `H3_GENERAL_PROTOCOL_ERROR` and close the connection if a client
does not use SNI extension.
Note that this is from H3 spec and QUIC does not require use of SNI
extension (i.e. we should do this check in `proxy/http3`).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
