Issue #6503 has been updated by MartinBosslet (Martin Bosslet).


Thanks, Ilya, for the links! I just checked the Python patch and what OpenSSL already provides and what would be needed on our side. It's really not too much, basically feeding OpenSSL API with parameters that we could make a part of SSL context objects. One thing that worries me though is that we have nothing to really test this. 

@Ilya: Would you have any ideas what we could do? The RFC is still in draft status, and I've followed the conversation in [1]. Can 13172 and 67 be taken for granted? :)

@David: It's OK, I'll take this, but thanks for your support!


[1] http://www.ietf.org/mail-archive/web/tls/current/msg08605.html
----------------------------------------
Feature #6503: Support for the NPN extension to TLS/SSL
https://bugs.ruby-lang.org/issues/6503#change-27028

Author: igrigorik (Ilya Grigorik)
Status: Assigned
Priority: Normal
Assignee: MartinBosslet (Martin Bosslet)
Category: 
Target version: 


OpenSSL 1.0.1+ added support for Next Protocol Negotiation (NPN) extensions. A couple of relevant links:

- Google technical note: https://technotes.googlecode.com/git/nextprotoneg.html
- IETF draft: http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-02

NPN allows the client to negotiate the session protocol as part of the TLS handshake (ex, "http 1.1", or "spdy/v{1,2,3}"). To support SPDY we need NPN support within OpenSSL core in Ruby. The API is already implemented in OpenSSL 1.0.1+, so it's a matter of adding support in Ruby core. 

Sister bug for Python 3.3: http://bugs.python.org/issue14204


-- 
http://bugs.ruby-lang.org/