top | item 8149619

(no title)

moonboots | 11 years ago

CloudFlare's CEO says that free SSL will use SNI with ipv4 [1] and possibly non-SNI with ipv6 [2]. A CloudFlare engineer has discussed splitting the SSL handshake between servers so their many edge nodes don't need to keep customer secret keys in memory [3]. However, this sounds slightly different than the lazy loading behavior in the blog post.

[1] https://news.ycombinator.com/item?id=7910849

[2] https://twitter.com/eastdakota/status/478369486643658754

[3] http://www.slideshare.net/cloudflare/running-secure-server-s...

discuss

asdfaoeu|11 years ago

Non-SNI over ipv6 seems pretty pointless since anything supporting ipv6 is going to have sni anyway.

donavanm|11 years ago

Not sure why otterley was down voted. XP is going to exist for a while.

Old android/mobile clients are another case. Mobile operators are moving towards transparent "4 in 6" NAT/encap on their edges. The server would see a layer 3 IPv6 client, while the actual layer 7 client is an old Android/java stack.

otterley|11 years ago

Not true; Windows XP supports IPv6 but not SNI.