[162575] in North American Network Operators' Group
Re: IPv6 and HTTPS
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Thu Apr 25 21:57:42 2013
Date: Thu, 25 Apr 2013 21:47:29 -0400 (EDT)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <20130426013613.GC20036@hiwaay.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
> From: "Chris Adams" <cmadams@hiwaay.net>
> Once upon a time, Jay Ashworth <jra@baylink.com> said:
> > Does anyone know how much IPv4 space is allocated *specifically* to cater
> > to the fact that HTTPS requires a dedicated IP per DNS name?
> >
> > Is that a statistically significant percentage of all the IPs in use?
>
> I have no numbers, but my gut feeling is that there are a lot more
> eyeballs than web servers with lots of IPs.
Fair point. Though those are choked behind carriers who may well CGN
them whether the eyeballs like it or not.
> > Wasn't there something going on to make HTTPS IP muxable? How's that
> > coming?
>
> SNI; RFC 3546
>
> > How fast could it be deployed?
>
> The RFC is just shy of 10 years old, so that's like a baby compared to
> IPv6.
>
> It is mostly deployed, but there's still a fair number of old clients
> that don't support it. WinXP+IE is probably the biggest fail, followed
> by Android < 3.0 and BlackBerry.
When you say "it is mostly deployed", what exactly do you mean? Is it
layer 7 or 4? Does it live in libraries that can be upgraded behind
users' backs? Or is it actually in the browser proper? Or are you just
talking about the server-side of the equation?
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA #natog +1 727 647 1274
