[Cryptography] [cryptography] NIST Workshop on Elliptic Curve Cryptography Standards
Salz, Rich
rsalz at akamai.com
Sun May 17 22:52:12 EDT 2015
> Android is more of an issue but it seems like a self-limiting one.
I just looked at our stats; roughly 10% of our incoming SSL/TLS connections do not have an SNI value. That's a lot of the net to discount.
> From what I can see, Android 2.x doesn't do SNI, Android 4.x and 5.x do.
> There are still 2.x phones, but given the usual upgrade cycle they're likely to
> be retired a lot faster than old Windows boxes.
The upgrade cycle in the developing countries, where we see most old Android, is not the same as it is "here" where here is a deliberately vauge term that probably encompasses everyone who reads this list.
> Also, Android has good IPv6 support and if you have IPv6, SNI is irrelevant.
If your provider supports it. It's getting better globally, but again, see above.
/r$
More information about the cryptography
mailing list