How can you identify HTTP/2 negotiation via ALPN in a TLS ClientHello?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions, each question includes hints and explanations. Ace your exam!

Multiple Choice

How can you identify HTTP/2 negotiation via ALPN in a TLS ClientHello?

Explanation:
ALPN is the mechanism used to decide which application protocol will run over TLS. In the TLS handshake, the client advertises the protocols it supports in the ALPN extension of the ClientHello, and for HTTP/2 the protocol name is "h2". If the server also supports HTTP/2, it will choose one and advertise that choice in the ServerHello ALPN extension. In Wireshark, you can see this by inspecting the TLS handshake: the ClientHello should list "h2" in the ALPN extension, and the ServerHello ALPN extension should show "h2" as the negotiated protocol. If ALPN isn’t used or a different protocol is negotiated (for example, http/1.1), HTTP/2 won’t be established.

ALPN is the mechanism used to decide which application protocol will run over TLS. In the TLS handshake, the client advertises the protocols it supports in the ALPN extension of the ClientHello, and for HTTP/2 the protocol name is "h2". If the server also supports HTTP/2, it will choose one and advertise that choice in the ServerHello ALPN extension. In Wireshark, you can see this by inspecting the TLS handshake: the ClientHello should list "h2" in the ALPN extension, and the ServerHello ALPN extension should show "h2" as the negotiated protocol. If ALPN isn’t used or a different protocol is negotiated (for example, http/1.1), HTTP/2 won’t be established.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy