TLS ALPN Proposal

Bernd Eckenfels ecki at
Fri May 22 19:14:03 UTC 2015

> > There was also some internal discussion about whether the values
> > should be Strings or byte arrays.  The ALPN RFC only discusses
> > bytes, and a String.toBytes("US-ASCII") would limit the API to
> > ASCII strings.
> >
> > Lastly, we could also add some convenience values for well-known
> > values. e.g.:
> >
> >     public static final AP_HTTP_1.1 = "http/1.1";
> >
> > or in byte form:
> >
> >     public static final AP_H2 = "h2".getBytes(""US-ASCII");
> >
> > I refrained from including SPDY/*, since they are on their way out
> > now, and NAT/STUN since there hasn't been any call for it so far.
> I agree that only http/1.1 and h2 deserve a constant.

I would suggest to make this encoded in latin1 instead. This is
supposed to be a 8bit clean encoding (and will be compatible to all
ASCII only strings). It is still ugly and needs to be documanted
cleanly that the string you get back might not be a string at all.


More information about the security-dev mailing list