[openssl-dev] SNI by default in s_client
Salz, Rich
rsalz at akamai.com
Mon Feb 13 16:55:16 UTC 2017
> extension by default that wasn't there before - and that we've already
> decided to add new extensions in 1.1.1 due to the forthcoming
> TLSv1.3 support.
You mean adding new extensions in the wire protocol? Or are did we modify any API/ABI behavior?
> On the other hand you could argue that this could break
> existing scripts that rely on the current SNI behaviour.
I would support adding a new -sni flag that is shorter, easier to type, and uses the value of the HOST field.
Within the team, we previously had agreement that the CLI was part of the ABI "contract." Waiting for Viktor to weigh in here :)
More information about the openssl-dev
mailing list