From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [14.98.235.2])
 by mx.groups.io with SMTP id smtpd.web10.11615.1602072841798967443
 for <devel@edk2.groups.io>;
 Wed, 07 Oct 2020 05:14:02 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=none, err=SPF record not found (domain: amiindia.co.in, ip: 14.98.235.2, mailfrom: prarthanasv@amiindia.co.in)
Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 99D4E82046
	for <devel@edk2.groups.io>; Wed,  7 Oct 2020 17:53:01 +0530 (IST)
Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 2E1CC82028
	for <devel@edk2.groups.io>; Wed,  7 Oct 2020 17:53:00 +0530 (IST)
Received: from webmail.amiindia.co.in (venus2.in.megatrends.com [10.0.0.7])
	by IMSVA.IN.MEGATRENDS.COM (Postfix) with ESMTPS
	for <devel@edk2.groups.io>; Wed,  7 Oct 2020 17:53:00 +0530 (IST)
Received: from VENUS1.in.megatrends.com ([fe80::951:7975:6ecf:eae5]) by
 Venus2.in.megatrends.com ([fe80::2002:4a07:4f17:c09b%14]) with mapi id
 14.03.0248.002; Wed, 7 Oct 2020 17:43:57 +0530
From: "Prarthana Sagar V" <prarthanasv@amiindia.co.in>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>
Subject: Server name Indication (SNI) support in CryptoPkg
Thread-Topic: Server name Indication (SNI) support in CryptoPkg
Thread-Index: Adaco1PJcjtr0lKzQYiF5CCUGEZWVg==
Date: Wed, 7 Oct 2020 12:13:56 +0000
Message-ID: <013B69FA8423AE4585E1D2D1AA16ACB101D81A7043@VENUS1.in.megatrends.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.0.3.104]
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSVA-9.1.0.1817-8.6.0.1013-25710.007
X-TM-AS-Result: No--12.778-5.0-31-10
X-imss-scan-details: No--12.778-5.0-31-10
X-TMASE-Version: IMSVA-9.1.0.1817-8.6.1013-25710.007
X-TMASE-Result: 10--12.778200-10.000000
X-TMASE-MatchedRID: WAbpwtHA3levCJnb0mXNbqo2fOuRT7aaQfblIp3oBdF0PA/ki2kI7Lnq
	JNXIccKryd44Sucb673niZuiwpS5hyS9O7aymfst3zSg/bkXzGlxDjcOu4ElXEp12IXZajx52Ta
	XuLehzjNHDd+lAeDDe5frKASrZ1StRUlCxm127kQxNOsBwNfn/mFLmZ/VV2VhcUOBRtu5sNuFAf
	5iylR8Wo0ogGHrw9oBQUUiDKo91ackrPqUxWOobg6w00GeWBFa64sVlliWKx8fE8yM4pjsD/7E6
	GNqs6ceph2ujy3dRBb6C0ePs7A07SAJgyd9wrc8h4UvEssiskZ7jOq3e/2J3gt+7AxJqQQ0bHkI
	TjurBhlrqWU57D1Yx6cb3l2zj137hZ8MSDm/xDDCwXqKCdb0pMcWKInzA/+/
X-TMASE-SNAP-Result: 1.821001.0001-0-1-12:0,22:0,33:0,34:0-0
Content-Language: en-US
Content-Type: multipart/alternative;
	boundary="_000_013B69FA8423AE4585E1D2D1AA16ACB101D81A7043VENUS1inmegat_"

--_000_013B69FA8423AE4585E1D2D1AA16ACB101D81A7043VENUS1inmegat_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hello,

CryptoPkg has no support to send SNI extension in ClientHello during Handsh=
ake.
When multiple URLs are used in single server, then it is necessary to send =
host name as SNI in ClientHello to make the handshake successful.
Does EDK2 have any plan to support it?

Thanks
Prarthana

--_000_013B69FA8423AE4585E1D2D1AA16ACB101D81A7043VENUS1inmegat_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:#954F72;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:#1F4E79;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-IN" link=3D"#0563C1" vlink=3D"#954F72">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"color:#1F4E79">Hello,<o:p></o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F4E79"><o:p>&nbsp;</o:p></spa=
n></p>
<p class=3D"MsoNormal"><span lang=3D"EN-GB" style=3D"color:#1F4E79;mso-fare=
ast-language:EN-IN">CryptoPkg has no support to send SNI extension in Clien=
tHello during Handshake.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-GB" style=3D"color:#1F4E79;mso-fare=
ast-language:EN-IN">When multiple URLs are used in single server, then it i=
s necessary to send host name as SNI in ClientHello to make the handshake s=
uccessful.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-GB" style=3D"color:#1F4E79;mso-fare=
ast-language:EN-IN">Does EDK2 have any plan to support it?<o:p></o:p></span=
></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F4E79"><o:p>&nbsp;</o:p></spa=
n></p>
<p class=3D"MsoNormal"><span lang=3D"EN-GB" style=3D"color:#1F4E79;mso-fare=
ast-language:EN-IN">Thanks<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-GB" style=3D"color:#1F4E79;mso-fare=
ast-language:EN-IN">Prarthana<o:p></o:p></span></p>
</div>
</body>
</html>

--_000_013B69FA8423AE4585E1D2D1AA16ACB101D81A7043VENUS1inmegat_--

From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by mx.groups.io with SMTP id smtpd.web12.676.1602087040266074040
 for <devel@edk2.groups.io>;
 Wed, 07 Oct 2020 09:10:40 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=IwAiJIJK;
 spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1602087039;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=yzHtlwd16I0/nEckqtoRkFCnSyw9BJhskboKBu62vK0=;
	b=IwAiJIJK/e8hTZNDWI5zgcoUGXXAVDFZq8+Yi3L/zdlPpoeSs4oHXhoKUD681puw+mc55F
	Km1y7vPZpXhWxNCR4/89DJcyN0yw9MURvgyXwoazvf/u/qMeWB82ubZBxruXBybJePN1r7
	gynm0MMNtsq/ZqR0t4KC2lZd1xtKN/M=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-437-BD5vBVYMMdaJUS7nj7j0Aw-1; Wed, 07 Oct 2020 12:10:37 -0400
X-MC-Unique: BD5vBVYMMdaJUS7nj7j0Aw-1
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D386F80401A;
	Wed,  7 Oct 2020 16:10:35 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-113-94.ams2.redhat.com [10.36.113.94])
	by smtp.corp.redhat.com (Postfix) with ESMTP id B274E6EF4B;
	Wed,  7 Oct 2020 16:10:33 +0000 (UTC)
Subject: Re: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
To: devel@edk2.groups.io, prarthanasv@amiindia.co.in
References: <013B69FA8423AE4585E1D2D1AA16ACB101D81A7043@VENUS1.in.megatrends.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>,
 Jiaxin Wu <jiaxin.wu@intel.com>, Siyuan Fu <siyuan.fu@intel.com>,
 Jiewen Yao <jiewen.yao@intel.com>, Jian J Wang <jian.j.wang@intel.com>,
 Xiaoyu Lu <xiaoyux.lu@intel.com>, Guomin Jiang <guomin.jiang@intel.com>
From: "Laszlo Ersek" <lersek@redhat.com>
Message-ID: <ca348d7b-1fc3-b9ee-7846-a5cd07168aa3@redhat.com>
Date: Wed, 7 Oct 2020 18:10:32 +0200
MIME-Version: 1.0
In-Reply-To: <013B69FA8423AE4585E1D2D1AA16ACB101D81A7043@VENUS1.in.megatrends.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=windows-1252
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 10/07/20 14:13, Prarthana Sagar V wrote:
> Hello,
> 
> CryptoPkg has no support to send SNI extension in ClientHello during Handshake.
> When multiple URLs are used in single server, then it is necessary to send host name as SNI in ClientHello to make the handshake successful.
> Does EDK2 have any plan to support it?

CC'ing NetworkPkg and CryptoPkg owners.

Thanks
Laszlo


From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga17.intel.com (mga17.intel.com [192.55.52.151])
 by mx.groups.io with SMTP id smtpd.web10.1045.1602116664811785448
 for <devel@edk2.groups.io>;
 Wed, 07 Oct 2020 17:24:25 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=dUJlxIUB;
 spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: jiewen.yao@intel.com)
IronPort-SDR: kXT5lZKGq/+6vLj8iyWelYuTHBNNkOll0MD1vyHxNUXrHYF7K0yljTJXmEgLrAhHviwT4g+jyl
 h9ikp7IwVFGQ==
X-IronPort-AV: E=McAfee;i="6000,8403,9767"; a="145079276"
X-IronPort-AV: E=Sophos;i="5.77,348,1596524400"; 
   d="scan'208";a="145079276"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga005.jf.intel.com ([10.7.209.41])
  by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Oct 2020 17:24:24 -0700
IronPort-SDR: K0JQU2P1BfyP/UrpMuhhXH2oJCn2t3//ssFLCC8O1/zkWI7jTbYhC9CYiQe5MUHWhlu2ltJd0+
 jKclA5nx3bLA==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.77,348,1596524400"; 
   d="scan'208";a="528241874"
Received: from orsmsx606.amr.corp.intel.com ([10.22.229.19])
  by orsmga005.jf.intel.com with ESMTP; 07 Oct 2020 17:24:23 -0700
Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by
 ORSMSX606.amr.corp.intel.com (10.22.229.19) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Wed, 7 Oct 2020 17:24:23 -0700
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by
 orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5
 via Frontend Transport; Wed, 7 Oct 2020 17:24:23 -0700
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (104.47.37.57) by
 edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.1713.5; Wed, 7 Oct 2020 17:24:20 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=gb+jw6HzMx6kJjgryVqOO+BMw6gllApsGnFa3GBRTKBL5K0sweieCRDGvpt7T6T7nb2nQG+LYB8LVqR0sGoqkLYUdBm21d3XRQbCD3Gj6M3wq6+0Yxa3+MtW0seWCsXSTy5WEgbXjMQ1B04gWWhPqqtqcxrqOxn77B1cSZbrHoRRbNINTIgo6Uks5UzVtR8FHu9VALhdVTrix8LW0aT5LlpykMF2CpEWfgdxORO/IyYo3X0gkH6ah9J1z5wGpc94yZvVOdxyn7hyzfchVW6vaO/FnVt4TOjafZEBkfhlnmCEn6/CGGrWyH2ro4XHk11otoBAiv9rE3BJKA8iGkJewA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=VbfZID3WnLqemcILY3vqNaO7zBK+0g2vOS/DVsg1LR8=;
 b=fGo4sDybb7/ec0XE3vcfMQLUd+fguJbuZc14vah8o/0mSD2Ld7F+FKC7MKfdU8iyPogSK9L0L8j06QUCwUHCpN6llhEbHsjZyN3cnUUGdlhF6EZ/l4TvKnhTZ0USsWK3tpu54XGncwjOT7rNzw+f9UdU1lkNGjwVipKprXVVfpApUhCwGH2Q3U2cZSzXLs5rgo3oy6/oY9A5QZz7baHCevPV4YXRvHdtE20PvyJ5ZBBLscdj1fcsL/+Q9xVpV8DDiNF6DvVLnjCZiK13hoQTswLEGj4n3CZL0GUpQnEQUFoGzKav2J3jatFjP2HvRrdjbAFDqPtcd+ipkTqZjS7P1Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=VbfZID3WnLqemcILY3vqNaO7zBK+0g2vOS/DVsg1LR8=;
 b=dUJlxIUBkDP954s2e49cd43yl7PPQqE+YqwTNMC9WG1YV0Pl3I1C5H61ZRV71I7eFLvS8Vho+mJIa/eVwX2YQK8/gxJa4lykf7w1udfGPgwMzHiitUZqT/rdWoKLFQOQ+3Mb3uG0UcEP/d+QFkoKjuT5VhqwDJmXqKM7RTtc4r0=
Received: from CY4PR11MB1288.namprd11.prod.outlook.com (2603:10b6:903:23::8)
 by CY4PR11MB1813.namprd11.prod.outlook.com (2603:10b6:903:127::7) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3455.22; Thu, 8 Oct
 2020 00:24:19 +0000
Received: from CY4PR11MB1288.namprd11.prod.outlook.com
 ([fe80::8948:caa4:ca1a:23ac]) by CY4PR11MB1288.namprd11.prod.outlook.com
 ([fe80::8948:caa4:ca1a:23ac%10]) with mapi id 15.20.3455.022; Thu, 8 Oct 2020
 00:24:19 +0000
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Laszlo Ersek <lersek@redhat.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>, "prarthanasv@amiindia.co.in"
	<prarthanasv@amiindia.co.in>
CC: Maciej Rabeda <maciej.rabeda@linux.intel.com>, "Wu, Jiaxin"
	<jiaxin.wu@intel.com>, "Fu, Siyuan" <siyuan.fu@intel.com>, "Wang, Jian J"
	<jian.j.wang@intel.com>, "Lu, XiaoyuX" <xiaoyux.lu@intel.com>, "Jiang,
 Guomin" <guomin.jiang@intel.com>
Subject: Re: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
Thread-Topic: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
Thread-Index: Adaco1PJcjtr0lKzQYiF5CCUGEZWVgAIQ3gAABE5L+A=
Date: Thu, 8 Oct 2020 00:24:19 +0000
Message-ID: <CY4PR11MB12889A2F80632E28D35C64488C0B0@CY4PR11MB1288.namprd11.prod.outlook.com>
References: <013B69FA8423AE4585E1D2D1AA16ACB101D81A7043@VENUS1.in.megatrends.com>
 <ca348d7b-1fc3-b9ee-7846-a5cd07168aa3@redhat.com>
In-Reply-To: <ca348d7b-1fc3-b9ee-7846-a5cd07168aa3@redhat.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-version: 11.5.1.3
dlp-product: dlpe-windows
dlp-reaction: no-action
authentication-results: redhat.com; dkim=none (message not signed)
 header.d=none;redhat.com; dmarc=none action=none header.from=intel.com;
x-originating-ip: [101.80.124.211]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 36af79e5-df30-46c8-0299-08d86b207fbe
x-ms-traffictypediagnostic: CY4PR11MB1813:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <CY4PR11MB181351EFA995E56FB4543B558C0B0@CY4PR11MB1813.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3276;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5ey4qTAdTu4bRJ90HhlsW3wExV+Gg9gaqe6TC9OeGVijO5/fV8WQ8yx/KPEJKcW/1RViVAs2Sz98T6Donb+KLc/6ojRggy0k8vCN+iF1DQhxW4GeL2YySX7xZ3TBmZJLSqp63TSJnGaoPngnSyKQERJl8XCKsuAJ3OWbz6dDSq+gee51ylT++jtCgB60YBszsgYdvXdkdqdNaJVX2N8vIU5Fy9cbm2hGi2d/HO33YEkOwlCesV3HFelCMJcXb03qeD2n0iYoawoh4ObIg2R4X6CyOESZ+L0IjwyILT+8LWbP5fch4Yk4nQdz8f3gBxRux+Y4SWkbv1zWPVMJSrASYw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR11MB1288.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(396003)(39860400002)(346002)(136003)(366004)(76116006)(66446008)(66476007)(64756008)(66556008)(2906002)(8676002)(5660300002)(8936002)(86362001)(66946007)(52536014)(7696005)(53546011)(26005)(71200400001)(54906003)(316002)(110136005)(9686003)(83380400001)(6506007)(4744005)(55016002)(478600001)(4326008)(186003)(33656002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: FmB6HCsSidwgyyokeONeH3uvm/js2Tia3/CnDGmnCwa2OuUh486RnEpZn+7peqltbOsqLNznLCopGxtL7KDKVeLDzRJ4c9zRza9Rcc4JUUrwVwl8CruEVnGfJsjdDrviBquGcl/9Fe78CSQd7pOuiqj65BlckAKdzhqz3SIzU8uyJdgzF0I91O1dd3jLTwtfs2hzYUTHoeO8BVzBdDWj6dK97CzXNDGbsHomxQny5quurj7Wl7430lkMs5UY6txyUTZBf6AHa6R1ECxmqz4loa7OgaT7au9bIm1EsYFzNZ205JvHo/MnrzmdHiP4Mu2rEeenzpBDMeb/qpDj3xXFuM3LdovVKsRCDbMPPJBQIRRUee2qUkQSZfvWrv0e7LMUnyYNEvx4XiVm1asNgnH4gl08XLlVR0PCvwRZ5AiYGEOZ95ALXT5/X6NamP/il4LjMf6s7fEz7KyUJDo2+DVzBW9dsNh7CTcxcstZWlPjdfpMn5gmwNkB7GUDj73PKNLvlnskowYnr6Vvg+zkgkfW0QM9V7nDXlukPMsbYgy9m2cWxocifXfELsfw/pRwphaTOZhvDXDE7EdCP83NnW7f+P6aVS5x9ppY4QC4WO83pveCZOmjQTKILrY4m/LqCSepPybfZIeJlH3PhJe0evO5Hg==
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY4PR11MB1288.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 36af79e5-df30-46c8-0299-08d86b207fbe
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2020 00:24:19.7090
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ZxAB08W+bIC/9biOifQxxqracCN/NFtWJn6HIj5Ue1sOcof++GpO9NtWSu4jfGK8pZvxGj0ZA7RZJd6W07+iSQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB1813
Return-Path: jiewen.yao@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I do not know if cryptopkg has such plan.

You may file a Bugzilla to record this request.

Thank you
Yao Jiewen

> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Thursday, October 8, 2020 12:11 AM
> To: devel@edk2.groups.io; prarthanasv@amiindia.co.in
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Yao, Jiewen
> <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
> Subject: Re: [edk2-devel] Server name Indication (SNI) support in CryptoP=
kg
>=20
> On 10/07/20 14:13, Prarthana Sagar V wrote:
> > Hello,
> >
> > CryptoPkg has no support to send SNI extension in ClientHello during
> Handshake.
> > When multiple URLs are used in single server, then it is necessary to s=
end host
> name as SNI in ClientHello to make the handshake successful.
> > Does EDK2 have any plan to support it?
>=20
> CC'ing NetworkPkg and CryptoPkg owners.
>=20
> Thanks
> Laszlo


From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [14.98.235.2])
 by mx.groups.io with SMTP id smtpd.web12.11486.1602162269178790957
 for <devel@edk2.groups.io>;
 Thu, 08 Oct 2020 06:04:29 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=none, err=SPF record not found (domain: amiindia.co.in, ip: 14.98.235.2, mailfrom: prarthanasv@amiindia.co.in)
Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 07D9582047;
	Thu,  8 Oct 2020 18:43:24 +0530 (IST)
Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 6B2D082046;
	Thu,  8 Oct 2020 18:43:22 +0530 (IST)
Received: from webmail.amiindia.co.in (venus2.in.megatrends.com [10.0.0.7])
	by IMSVA.IN.MEGATRENDS.COM (Postfix) with ESMTPS;
	Thu,  8 Oct 2020 18:43:22 +0530 (IST)
Received: from VENUS1.in.megatrends.com ([fe80::951:7975:6ecf:eae5]) by
 Venus2.in.megatrends.com ([fe80::2002:4a07:4f17:c09b%14]) with mapi id
 14.03.0248.002; Thu, 8 Oct 2020 18:34:17 +0530
From: "Prarthana Sagar V" <prarthanasv@amiindia.co.in>
To: "Yao, Jiewen" <jiewen.yao@intel.com>, Laszlo Ersek <lersek@redhat.com>,
	"devel@edk2.groups.io" <devel@edk2.groups.io>
CC: Maciej Rabeda <maciej.rabeda@linux.intel.com>, "Wu, Jiaxin"
	<jiaxin.wu@intel.com>, "Fu, Siyuan" <siyuan.fu@intel.com>, "Wang, Jian J"
	<jian.j.wang@intel.com>, "Lu, XiaoyuX" <xiaoyux.lu@intel.com>, "Jiang,
 Guomin" <guomin.jiang@intel.com>
Subject: Re: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
Thread-Topic: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
Thread-Index: Adaco1PJcjtr0lKzQYiF5CCUGEZWVv//5egAgACJ9oD//tdJoA==
Date: Thu, 8 Oct 2020 13:04:17 +0000
Message-ID: <013B69FA8423AE4585E1D2D1AA16ACB101D81A78B3@VENUS1.in.megatrends.com>
References: <013B69FA8423AE4585E1D2D1AA16ACB101D81A7043@VENUS1.in.megatrends.com>
 <ca348d7b-1fc3-b9ee-7846-a5cd07168aa3@redhat.com>
 <CY4PR11MB12889A2F80632E28D35C64488C0B0@CY4PR11MB1288.namprd11.prod.outlook.com>
In-Reply-To: <CY4PR11MB12889A2F80632E28D35C64488C0B0@CY4PR11MB1288.namprd11.prod.outlook.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.0.3.104]
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSVA-9.1.0.1817-8.6.0.1013-25712.007
X-TM-AS-Result: No--17.604-5.0-31-10
X-imss-scan-details: No--17.604-5.0-31-10
X-TMASE-Version: IMSVA-9.1.0.1817-8.6.1013-25712.007
X-TMASE-Result: 10--17.604300-10.000000
X-TMASE-MatchedRID: zGP2F0O7j/vjIHTY55IMSWXaK3KHx/xp6nvAsCWRRlGYJpw+m3jgscR9
	SPQVoSYgAkeMKp3+0w31ksjBX8R+8DeiGq2NlS7FZBMtKnKUIRjRjnAHxymurtURh96ntLOmZNK
	ZtQKCl+cGaQZ2WtBOfifl+XHPPs0OKKsgdJtjZ2oYxRF+FCQQsgvxMaV6x4s8oLp6cSZbtF/3iZ
	alBDMQPwi7ihDGs10VV1uoDPGLPAhDq2SVEk72KO54vhk1EvsRxEHRux+uk8irEHfaj14ZyVVoE
	XK0hBS3
X-TMASE-SNAP-Result: 1.821001.0001-0-1-12:0,22:0,33:0,34:0-0
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I have already raised this request in Bugzilla and they mentioned to mail t=
o devel group.
https://bugzilla.tianocore.org/show_bug.cgi?id=3D2953

Thanks
Prarthana


-----Original Message-----
From: Yao, Jiewen [mailto:jiewen.yao@intel.com]=20
Sent: 08 October 2020 05:54
To: Laszlo Ersek <lersek@redhat.com>; devel@edk2.groups.io; Prarthana Sagar=
 V <prarthanasv@amiindia.co.in>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin <jiaxin.wu@in=
tel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Wang, Jian J <jian.j.wang@intel=
.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@inte=
l.com>
Subject: RE: [edk2-devel] Server name Indication (SNI) support in CryptoPkg

I do not know if cryptopkg has such plan.

You may file a Bugzilla to record this request.

Thank you
Yao Jiewen

> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Thursday, October 8, 2020 12:11 AM
> To: devel@edk2.groups.io; prarthanasv@amiindia.co.in
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin=20
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Yao, Jiewen=20
> <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu,=20
> XiaoyuX <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
> Subject: Re: [edk2-devel] Server name Indication (SNI) support in=20
> CryptoPkg
>=20
> On 10/07/20 14:13, Prarthana Sagar V wrote:
> > Hello,
> >
> > CryptoPkg has no support to send SNI extension in ClientHello during
> Handshake.
> > When multiple URLs are used in single server, then it is necessary=20
> > to send host
> name as SNI in ClientHello to make the handshake successful.
> > Does EDK2 have any plan to support it?
>=20
> CC'ing NetworkPkg and CryptoPkg owners.
>=20
> Thanks
> Laszlo


From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by mx.groups.io with SMTP id smtpd.web12.11673.1602243590648493524
 for <devel@edk2.groups.io>;
 Fri, 09 Oct 2020 04:39:50 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=f7O/55PH;
 spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1602243589;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=PI9oPVVRmOWbSZFIpouS5N6MepQDwdQ/ruH1kMGZCFs=;
	b=f7O/55PHbsB1CcaNCk2Fooy1dtC/ekKz7eDb77+MDk4X8fAy0AuxfE6GZMINHsUSxTHfvl
	29iaN8YEBkru90TiaSCIePKqthxPOMGzCVJef/nrGwcRYltaEt+xabpxE5TDWzPJdE0QCM
	8axcSS35JnB0PEtVnsa9J3a3SGt+GAY=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-491-L0oSvQ9TPHue2QiYqUrAyw-1; Fri, 09 Oct 2020 07:39:43 -0400
X-MC-Unique: L0oSvQ9TPHue2QiYqUrAyw-1
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4A44318A0733;
	Fri,  9 Oct 2020 11:39:42 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-113-57.ams2.redhat.com [10.36.113.57])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 4090E6266E;
	Fri,  9 Oct 2020 11:39:40 +0000 (UTC)
Subject: Re: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
To: Prarthana Sagar V <prarthanasv@amiindia.co.in>,
 "Yao, Jiewen" <jiewen.yao@intel.com>,
 "devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>,
 "Wu, Jiaxin" <jiaxin.wu@intel.com>, "Fu, Siyuan" <siyuan.fu@intel.com>,
 "Wang, Jian J" <jian.j.wang@intel.com>, "Lu, XiaoyuX"
 <xiaoyux.lu@intel.com>, "Jiang, Guomin" <guomin.jiang@intel.com>
References: <013B69FA8423AE4585E1D2D1AA16ACB101D81A7043@VENUS1.in.megatrends.com>
 <ca348d7b-1fc3-b9ee-7846-a5cd07168aa3@redhat.com>
 <CY4PR11MB12889A2F80632E28D35C64488C0B0@CY4PR11MB1288.namprd11.prod.outlook.com>
 <013B69FA8423AE4585E1D2D1AA16ACB101D81A78B3@VENUS1.in.megatrends.com>
From: "Laszlo Ersek" <lersek@redhat.com>
Message-ID: <a92db5f3-3dd2-7b8b-e2c6-e1017a8636a1@redhat.com>
Date: Fri, 9 Oct 2020 13:39:39 +0200
MIME-Version: 1.0
In-Reply-To: <013B69FA8423AE4585E1D2D1AA16ACB101D81A78B3@VENUS1.in.megatrends.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 10/08/20 15:04, Prarthana Sagar V wrote:
> I have already raised this request in Bugzilla and they mentioned to mail to devel group.
> https://bugzilla.tianocore.org/show_bug.cgi?id=2953

Sorry about that.

Then it seems nobody has currently an interest in implementing this
feature. The BZ is a good place to keep it on the record. Of course the
existence of a BZ still doesn't guarantee that the feature will be
implemented.

You could research the feature and attempt to contribute it, as well.

Thanks
Laszlo


> -----Original Message-----
> From: Yao, Jiewen [mailto:jiewen.yao@intel.com] 
> Sent: 08 October 2020 05:54
> To: Laszlo Ersek <lersek@redhat.com>; devel@edk2.groups.io; Prarthana Sagar V <prarthanasv@amiindia.co.in>
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
> Subject: RE: [edk2-devel] Server name Indication (SNI) support in CryptoPkg
> 
> I do not know if cryptopkg has such plan.
> 
> You may file a Bugzilla to record this request.
> 
> Thank you
> Yao Jiewen
> 
>> -----Original Message-----
>> From: Laszlo Ersek <lersek@redhat.com>
>> Sent: Thursday, October 8, 2020 12:11 AM
>> To: devel@edk2.groups.io; prarthanasv@amiindia.co.in
>> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin 
>> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Yao, Jiewen 
>> <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu, 
>> XiaoyuX <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
>> Subject: Re: [edk2-devel] Server name Indication (SNI) support in 
>> CryptoPkg
>>
>> On 10/07/20 14:13, Prarthana Sagar V wrote:
>>> Hello,
>>>
>>> CryptoPkg has no support to send SNI extension in ClientHello during
>> Handshake.
>>> When multiple URLs are used in single server, then it is necessary 
>>> to send host
>> name as SNI in ClientHello to make the handshake successful.
>>> Does EDK2 have any plan to support it?
>>
>> CC'ing NetworkPkg and CryptoPkg owners.
>>
>> Thanks
>> Laszlo
>