[openssl-dev] ALPN RFC compliance

Scott Mitchell scott.k.mitch1 at gmail.com
Thu May 28 23:20:29 UTC 2015


The ALPN RFC [1] states:

In the event that the server supports no protocols that the client
advertises, then the server SHALL respond with a fatal
"no_application_protocol" alert. [2]

This functionality is not yet implemented in OpenSSL.  Now that HTTP/2 has
been published as an RFC [3], and due to HTTP/2's dependency on ALPN, it may
be good to revisit the issue. The NPN specification is less specific about
what to do in the event of no matching protocols, but the OpenSSL
implementation also does not support failing the handshake.  NPN may be a
lower priority than ALPN but it would be nice to support consistent (as
possible) behavior for the two extensions.
This issue was originally raised on GitHub [4].

[1] https://tools.ietf.org/html/rfc7301
[2] https://tools.ietf.org/html/rfc7301#section-3.2
[3] https://tools.ietf.org/html/rfc7540
[4] https://github.com/openssl/openssl/issues/188
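
The server-side rule quoted from RFC 7301 section 3.2, as an added example that is not part of the original post and is not OpenSSL code. The names (alpn_select, alpn_list_valid, the sample lists) are hypothetical. It assumes both lists arrive as 1-byte-length-prefixed names without the outer 2-byte list length, and that a malformed list is answered with the generic decode_error alert.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ALERT_DECODE_ERROR            50   /* assumption: generic TLS alert for malformed data */
#define ALERT_NO_APPLICATION_PROTOCOL 120  /* RFC 7301, section 3.2 */

/* Lists are 1-byte-length-prefixed names; entries must be 1..255 bytes, untruncated. */
static int alpn_list_valid(const uint8_t *l, size_t len)
{
    size_t i = 0;
    if (len < 2) return 0;
    while (i < len) {
        size_t n = l[i];
        if (n == 0 || n > len - i - 1) return 0;  /* empty or truncated entry */
        i += 1 + n;
    }
    return 1;
}

/* Returns 0 with *out/*outlen set on a match (server preference), else the fatal alert to send. */
int alpn_select(const uint8_t *srv, size_t slen, const uint8_t *cli, size_t clen,
                const uint8_t **out, size_t *outlen)
{
    *out = NULL; *outlen = 0;
    if (!alpn_list_valid(srv, slen) || !alpn_list_valid(cli, clen))
        return ALERT_DECODE_ERROR;
    for (size_t i = 0; i < slen; i += 1 + srv[i])
        for (size_t j = 0; j < clen; j += 1 + cli[j])
            if (srv[i] == cli[j] && memcmp(srv + i + 1, cli + j + 1, srv[i]) == 0) {
                *out = srv + i + 1; *outlen = srv[i];
                return 0;
            }
    return ALERT_NO_APPLICATION_PROTOCOL;   /* no overlap: fail the handshake */
}

/* Constructed sample lists (not captured traffic). */
static const uint8_t SERVER[]      = {2,'h','2', 8,'h','t','t','p','/','1','.','1'};
static const uint8_t CLIENT_OK[]   = {8,'h','t','t','p','/','1','.','1', 2,'h','2'};
static const uint8_t CLIENT_NONE[] = {8,'s','p','d','y','/','3','.','1'};

int main(void)
{
    const uint8_t *p; size_t n;
    printf("overlap: alert=%d\n", alpn_select(SERVER, sizeof SERVER, CLIENT_OK, sizeof CLIENT_OK, &p, &n));
    printf("no overlap: alert=%d\n", alpn_select(SERVER, sizeof SERVER, CLIENT_NONE, sizeof CLIENT_NONE, &p, &n));
    return 0;
}
```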