Server Name Indication
A website owner can require SNI support, either by allowing their host to do this for them, or by directly consolidating multiple hostnames onto a smaller number of IP addresses. Requiring SNI has the potential to save significant money and resources.
However, a few legacy clients (notably, Internet Explorer on Windows XP) do not support SNI, and will be cut off if SNI is required.
Website owners are encouraged to evaluate whether requiring SNI is feasible:
For websites accessed primarily by browsers, look at usage by Internet Explorer on Windows XP, and Android 2.3 (and below). If these usage numbers are low, requiring SNI is likely feasible.
For web services accessed by non-browser clients (e.g. APIs), look at usage by Python 2.7.8 and Java 1.6 (and below), and any other relevant clients. APIs with heterogeneous clients may wish to do more sophisticated client detection, or staged rollouts.
analytics.usa.gov for an example of a .gov website which requires support for SNI.
Making HTTPS cheaper
Without SNI, a given IP address is only capable of reliably hosting a single hostname over
https://. Since IPv4 addresses are running out, IP addresses are expensive to reserve for single domains.
For many web hosts and content delivery networks, requiring that clients support SNI allows secure websites to be more efficiently hosted and can greatly reduce costs.
The most commonly used clients without support for SNI are:
- Internet Explorer 8 (and below) on Windows XP
- Some versions of Python 2 (fixed in 2.7.9)
- The default browser in Android 2.3 and earlier