Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id F39E61087F for ; Wed, 27 Nov 2013 05:58:44 +0000 (UTC) Received: (qmail 22484 invoked by uid 500); 27 Nov 2013 05:58:41 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 22446 invoked by uid 500); 27 Nov 2013 05:58:40 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 22437 invoked by uid 99); 27 Nov 2013 05:58:40 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Nov 2013 05:58:40 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [85.25.46.13] (HELO fornix.velox.ch) (85.25.46.13) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 27 Nov 2013 05:58:29 +0000 Received: from cortex.velox.ch (77-57-164-164.dclient.hispeed.ch [77.57.164.164]) (authenticated bits=0) by fornix.velox.ch (8.14.4/8.14.4/2.2) with ESMTP id rAR5w5Qe023992 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 27 Nov 2013 06:58:06 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=velox.ch; s=fornix-727e; t=1385531886; bh=U9nV7E4ClKxqajMHBFt2kCfbAOrAO2MmQdFyi+uL8ro=; h=Date:From:To:Subject:References:In-Reply-To; b=RzQNqcG2dN04WqJQ8dBIBFrC3+JHmDFs0mHCv5gn7MLlEJ/q1sJ5ObJkJJ10pjvij hqn+4ppb/Vgf98svHDjBAbcfKtvM3cz/F7iSeSMVF6upOBFySHU5AERBDJhEhyNhes N2THoOJZlvjmU0gRQcEvc0Z1n9VBqGzVmLhDG/IMJLHIKwlwmYVizK4sWzIubSbMHb jNLiFCMHJIXU2BYxrNsA6ZcOUi1Ow3IhMqvoZL9LzSz2X/aiBeuPJfLjugsrIxKDmF SBl+jObtBgZJfM08hhKE0OblQk5N6l1cYqcpTCZ+a7+BMlgAMAs6YdTJ+lyjboqA8M 4aaIi2LMZjw8g== X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on cortex.velox.ch X-Spam-Level: Message-ID: <529589F2.2010908@velox.ch> DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=velox.ch; s=cortex-8a58; t=1385531888; bh=U9nV7E4ClKxqajMHBFt2kCfbAOrAO2MmQdFyi+uL8ro=; h=Date:From:To:Subject:References:In-Reply-To; b=fx1qmgFDbBtVF0Xq7ar2mFTM95YsOvwTnf1/nHJlxv2x1RVVm9+CPqZoEpJ23tJg2 OpCrls/OjbyS1I/MqdrXnOJnzJwEDkM7E+jPvaideNe5WZ19umjQCgpuO1pzuZLo5x xVSK3LKbUwamenxAas3N3PJxN0fPGIaEtWxfbNPVVKZV9Rrlm9GNV/BgwdF+IX4IUq 75oe4Zu2yabN0oV8pLd9TsBexzrmVJgAWtcYrvfStmQG6t0gFA50odjFgbBUtzkoKZ k3nicM1yzE5FREgYaFO3If7DUmcL8lj5GhzHzRevvU4tVlIqhfUGpT/0hYkMx9k47P rmI8K/6ohOc0A== Date: Wed, 27 Nov 2013 06:58:10 +0100 From: Kaspar Brand MIME-Version: 1.0 To: dev@httpd.apache.org Subject: Re: Behavior of Host: vs. SNI Hostname in proxy CONNECT requests References: <20131125155541.66e19919@hub> <52943239.9080607@velox.ch> <5294D7FC.5030501@velox.ch> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Old-Spam-Status: No, score=-1.5 required=8.0 tests=AWL=0.001,BAYES_00=-1.5, NO_RECEIVED=-0.001,NO_RELAYS=-0.001,T_DKIM_INVALID=0.01 autolearn=no version=3.3.2 On 26.11.2013 18:54, Yann Ylavic wrote: > Do you know if the port can be part of the SNI (eg. "www.domain.net:8080") > so that it can be checked against the Host (which may contain that port)? I > can't find any reference about this. Pure host names (FQDN!) only: RFC 6066, section 3. Kaspar