-- Leo's gemini proxy
-- Connecting to gemini.bunburya.eu:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; lang=en-IE
From: Marek Küthe <m.k@mk16.de>
Subject: Re: Requests and SNI
Date: Mon, 26 Sep 2022 14:20:46 +0200
Message-ID: <20220926142046.1d30f63e@banduras-laptop>
First with a TLS connection established with the server. The server
must find a suitable certificate for the connection with the hostname
of the domain. If you request without SNI, the server does not know
which domain and therefore which certificate to select. The actual
Gemini request comes later, when the TLS connection is established. The
SNI has more or less the same purpose as in the WWW.
On Mon, 26 Sep 2022 07:36:02 -0000 (UTC)
noscript <name@example.com> wrote:
> In the request description (section 2) of the gemini specification, there is:
>
> > Gemini requests are a UTF-8 encoded absolute URL, including a scheme
> > Sending an absolute URL permits virtual hosting of multiple Gemini
> > domains on the same IP address.
>
> And TLS section 4, there is:
>
> > Use of the Server Name Indication (SNI) extension to TLS is also mandatory,
> > to facilitate name-based virtual hosting.
>
> The SNI seems redundant because the hostname is in the request already.
>
> What is the reason to have SNI mandatory?
Parent:
-- Response ended
-- Page fetched on Fri Jun 14 22:06:49 2024