From: "MartinBosslet (Martin Bosslet)" <Martin.Bosslet@...>
Date: 2012-07-06T16:10:00+09:00
Subject: [ruby-core:46222] [ruby-trunk - Feature #6503] Support for the NPN extension to TLS/SSL


Issue #6503 has been updated by MartinBosslet (Martin Bosslet).


duerst (Martin D��rst) wrote: 
>  Just a small detail: That should be IETF politics, I guess. But I'm also 
>  not familiar with that corner of the IETF, sorry.
>  

Just out of curiosity - because IETF is in charge of the TLS extension registry?
That's what I think I understood from [1] at least:

> TLS ExtensionType Registry: Future values are allocated via IETF Consensus

[1] http://tools.ietf.org/html/rfc5246#section-12
----------------------------------------
Feature #6503: Support for the NPN extension to TLS/SSL
https://bugs.ruby-lang.org/issues/6503#change-27850

Author: igrigorik (Ilya Grigorik)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: ext
Target version: 2.0.0


OpenSSL 1.0.1+ added support for Next Protocol Negotiation (NPN) extensions. A couple of relevant links:

- Google technical note: https://technotes.googlecode.com/git/nextprotoneg.html
- IETF draft: http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-02

NPN allows the client to negotiate the session protocol as part of the TLS handshake (ex, "http 1.1", or "spdy/v{1,2,3}"). To support SPDY we need NPN support within OpenSSL core in Ruby. The API is already implemented in OpenSSL 1.0.1+, so it's a matter of adding support in Ruby core. 

Sister bug for Python 3.3: http://bugs.python.org/issue14204


-- 
http://bugs.ruby-lang.org/