On 2020-06-17 at 19:51 -0400, Felipe Gasper wrote:
> > On Jun 17, 2020, at 6:22 PM, Phil Pennock via Exim-users <exim-users@???> wrote:
> > because TLS1.3 mandates SNI.
>
> Phil, do you have a citation for this? I skimmed the RFC just now, and the only mandatory details about SNI that I see are in the context of session resumption.
>
> If TLS 1.3 indeed mandates SNI, then that’s relevant in other conversations I’m in and would love to be able to cite that.
My memory has faded.
In <
https://bugs.exim.org/show_bug.cgi?id=2266> I wrote:
} With TLS 1.3 mandating SNI from clients unless an application profile
} prohibits that, we should be providing a default value of SNI.
My very vaguest of recollections is that client libraries are being
written around a model of the HTTPS application profile and other
profiles are second-class citizens and fighting a losing battle to work
without SNI.
So I probably miswrote: it's not "mandated by spec", it's, if I'm now
remembering correctly, "de facto mandated by all the usable profiles and
mandated by many libraries".
I don't remember the details or even the above with any degree of
confidence; it's been two years since I last even looked at this.
Sorry.
-Phil
