[tech] IPv6 addresses in URLs

Alex // nytpu alex at nytpu.com
Thu Apr 15 19:38:43 BST 2021

On 2021-04-15 08:07PM, almaember wrote:
> Please excuse my lack of knowledge about SNI, but can't clients send
> the IP address as a host too?
RFC-6066 mandates the use of fully qualified domain names, but says:
> ...Currently, the only server names supported are DNS hostnames;
> however, this does not imply any dependency of TLS on DNS, and other
> name types may be added in the future...

It also says:
> Literal IPv4 and IPv6 addresses are not permitted in "HostName".

TLS 1.3 simply says that it's mandatory to implement SNI as specified in
RFC6066 §3, so unfortunately no updates there

* * *

However, right before sending this, I realized that there's a key point that I
didn't realize until reading the spec just now: the HostName field can be 0
characters.  TLS 1.3 (and Gemini over TLS 1.2) mandates that the SNI extension
/exists/ in the ClientHello, but the hostname field itself can be empty,
indicating to use some "default" at the operators discresion.  If anyone has a
gitlab account, this might be a good thing to open an issue to clarify.


Alex // nytpu
alex at nytpu.com
GPG Key: https://www.nytpu.com/files/pubkey.asc
Key fingerprint: 43A5 890C EE85 EA1F 8C88 9492 ECCD C07B 337B 8F5B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20210415/64017df4/attachment-0001.sig>

More information about the Gemini mailing list