On 09/25/2017 06:57 AM, Dave Cridland wrote: > On 25 September 2017 at 06:06, Travis Burtrum <tra...@burtrum.org> wrote: >> >> Conversations has had support since before this became a XEP actually. >> >> Everyone I know of has implemented the server-side of the c2s connection >> either with a dedicated xmpp-over-TLS port, or using sslh to multiplex >> on ALPN. Debian even has an (unfortunately-named) section of their wiki >> on installing prosody about it [1]. >> >> I also count 21 public servers on this test chart that have support [2]. >> > > Do those all support SNI? I think SNI is critically important here > (and it's a MUST in the specification).
I'm not sure exactly which you are asking questions about, so I'll just mention them all. 1. Yes Conversations supports SNI[1] and ALPN[2] where available. These are guaranteed to be in android 4.2 and 4.4 respectively, and *might* be supported earlier depending on vendor. According to the stats[3] this means ~92% of androids currently in use support both. 2. SSLH will multiplex on both ALPN and SNI, prosody doesn't support SNI on it's 'legacy_ssl_ports' (name needs changed...), though there was an unfinished patch floating around. 3. My guess is most of those host a single domain and don't need SNI. [1]: https://github.com/siacs/Conversations/blob/master/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java#L33 [2]: https://github.com/siacs/Conversations/blob/master/src/main/java/eu/siacs/conversations/utils/SSLSocketHelper.java#L45 [3]: https://developer.android.com/about/dashboards/index.html _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
