mailing list archives
Re: IPv6 and HTTPS
From: Owen DeLong <owen () delong com>
Date: Thu, 25 Apr 2013 22:32:10 -0400
On Apr 25, 2013, at 9:47 PM, Jay Ashworth <jra () baylink com> wrote:
----- Original Message -----
From: "Chris Adams" <cmadams () hiwaay net>
Once upon a time, Jay Ashworth <jra () baylink com> said:
Does anyone know how much IPv4 space is allocated *specifically* to cater
to the fact that HTTPS requires a dedicated IP per DNS name?
Is that a statistically significant percentage of all the IPs in use?
I have no numbers, but my gut feeling is that there are a lot more
eyeballs than web servers with lots of IPs.
Fair point. Though those are choked behind carriers who may well CGN
them whether the eyeballs like it or not.
That won't reduce the number of IPs they are consuming, it will just increase
the number of customers using them.
Wasn't there something going on to make HTTPS IP muxable? How's that
SNI; RFC 3546
How fast could it be deployed?
The RFC is just shy of 10 years old, so that's like a baby compared to
It is mostly deployed, but there's still a fair number of old clients
that don't support it. WinXP+IE is probably the biggest fail, followed
by Android < 3.0 and BlackBerry.
When you say "it is mostly deployed", what exactly do you mean? Is it
layer 7 or 4? Does it live in libraries that can be upgraded behind
users' backs? Or is it actually in the browser proper? Or are you just
talking about the server-side of the equation?
Browsers are the long-tail here. There are also some privacy concerns.
The good news is that most things which fully support IPv6 also support SNI.
The bad new is that most things that don't support IPv6 don't support SNI.
Guess what that means. ;-)
RE: IPv6 and HTTPS David Hubbard (Apr 26)
Re: IPv6 and HTTPS joel jaeggli (Apr 26)
Re: IPv6 and HTTPS Don Gould (Apr 26)