[cryptography] STARTTLS for HTTP

Tony Arcieri bascule at gmail.com
Sun Aug 31 13:00:11 EDT 2014

On Sat, Aug 30, 2014 at 3:08 AM, Florian Weimer <fw at deneb.enyo.de> wrote:

> Some clients do not send SNI, so it's possible to send HTTP requests
> to the right server, but not HTTPS requests.

For STARTTLS to even work, it needs to be supported on both the client and
the server.

If there are *any* issues with STARTTLS operation for a particular service,
the server can merely choose not to enable it, and things would proceed as

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140831/fa3caeb6/attachment-0001.html>

More information about the cryptography mailing list