SNI

E258091

SNI (Server Name Indication) is a TLS extension that allows a client to specify the hostname it is trying to connect to so that the server can present the correct SSL/TLS certificate for virtual hosting.

All labels observed (4)

Label Occurrences
Server Name Indication 2
SNI canonical 1
SNI (Server Name Indication) 1

How this entity was disambiguated

Statements (47)

Predicate Object
instanceOf TLS extension
network protocol feature
abbreviationOf SNI self-linksurface differs
surface form: Server Name Indication
allows server to choose certificate based on requested hostname
server to choose virtual host configuration
backwardsCompatibility ignored by servers that do not support it
carriedIn ClientHello message
category Internet standard
security protocol extension
definedIn RFC 6066
enables multiple HTTPS sites on a single IP address
selection of correct TLS certificate for a given hostname
virtual hosting with TLS
extensionTypeCode 0
fieldType TLS extension field
fullName SNI self-linksurface differs
surface form: Server Name Indication
introducedIn TLS 1.0 era
layer transport layer
partOf TLS
surface form: Transport Layer Security
purpose allow client to indicate the hostname it is connecting to
support name-based virtual hosting over TLS
relatedTo ALPN
Encrypted Client Hello
name-based virtual hosting
requiredFor hosting multiple domains on one IP with HTTPS
securityConcern leaks destination hostname to network observers
standardizedBy Internet Engineering Task Force
surface form: IETF
status widely deployed
supportedBy TLS 1.0
TLS 1.1
TLS 1.2
RFC 8446
surface form: TLS 1.3
usedBy TLS client libraries
content delivery networks
load balancers
reverse proxies
web browsers
usedIn HTTP/2
HTTP/3
HTTPS
IMAP over TLS
POP3 over TLS
SMTP Service Extension for Secure SMTP over Transport Layer Security
surface form: SMTP over TLS

STARTTLS
TLS handshake
visibility can be encrypted using Encrypted Client Hello in TLS 1.3 extensions
sent in cleartext in TLS 1.2 and earlier

How these facts were elicited

Referenced by (5)

Full triples — surface form annotated when it differs from this entity's canonical label.

RFC 3546 defines SNI
SNI fullName SNI self-linksurface differs
this entity surface form: Server Name Indication
SNI abbreviationOf SNI self-linksurface differs
this entity surface form: Server Name Indication
RFC 6066 defines SNI
this entity surface form: SNI extension
Internet Information Services supportsFeature SNI
this entity surface form: SNI (Server Name Indication)