Home page logo
/

nanog logo nanog mailing list archives

Re: IPv6 and HTTPS
From: joel jaeggli <joelja () bogus com>
Date: Thu, 25 Apr 2013 22:22:02 -0700

On 4/25/13 9:27 PM, Patrick W. Gilmore wrote:
On Apr 26, 2013, at 00:19 , joel jaeggli <joelja () bogus com> wrote:
On 4/25/13 6:24 PM, Jay Ashworth wrote:
Ok, here's a stupid question[1], which I'd know the answer to if I ran bigger
networks:

Does anyone know how much IPv4 space is allocated *specifically* to cater
to the fact that HTTPS requires a dedicated IP per DNS name?
It doesn't, or doesn't if if your clients are not stuck in the past.

TLS SNI has existed for a rather long time.
Is that a statistically significant percentage of all the IPs in use?

Wasn't there something going on to make HTTPS IP muxable?  How's that coming?
there are stuborn legacy hosts.
How fast could it be deployed?
you can use it now.
Sure, you "can".

But no one will. No one (especially someone doing SSL content) wants 99% connectivity. And there's a lot more than 1% 
XP out there. (Hrm, that explanation works to explain why to a couple decimal places 0% of the Internet is on v6 only today.)
Well there are certainly people who no longer support ie6 e.g. google facebook and so on, IE doesn't support it unless you run vista or later. and it will work on xp if you use firefox.

we use it with api's and non-browser-based html5 applications with essentially no issues.

The market-share of some of the more problematic devices is in fact getting to the point where it is possible.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]