isd changed the topic of #sandstorm to: Welcome to #sandstorm: home of all things sandstorm.io. Say hi! | Have a question but no one is here? Try asking in the discussion group: https://groups.google.com/group/sandstorm-dev | This channel is logged at: https://freenode.irclog.whitequark.org/sandstorm/
<isd> I want to support the following: apps can powerbox-offer a TcpPort (from ip.capnp), and one thing the user has the option of doing with it is binding it to a particular hostname, which sandstorm dispatches based on SNI. This would let us write apps that do things like matrix/activitypub/xmpp, but still have Sandstorm manage TLS keys, and be able to multiplex port 443 for TLS. For protocols which are HTTP based, we could
<isd> potentially do this at a higher level in the stack, doing the dispatch at the HTTP layer. But, for things like matrix which has its own opinions about the Authorization header, I'm inclined to suggest we should let it do its own management of HTTP headers. Maybe we could use the http-over-capnp stuff that's in capnp c++ to support this, rather than forcing such apps to use WebSession which is designed around sandboxing apps.
<isd> I have some open questions regarding how much we can rely on other software to use SNI for these protocols, but it may be reliable for at least some of them.
<JacobWeisz[m]> One of the things I'd be curious about here is if there'd be support for servers running on other ports with the apps you're looking at supporting here.
<JacobWeisz[m]> In my case, we'd be talking about sharing port 6080.
<JacobWeisz[m]> Do you imagine any issues with people being able to "browse" from these endpoints? IIRC, the API endpoint does a bit to try to prevent normal web browsers from navigating to them.
<isd> you could potentially do other ports, and it needn't be restricted to the port sandstorm happens to otherwise be listening on, though obviously opening up a new port should require admin -- open for debate how sensitive using an existing port is.
<isd> ...but I see this as something "most apps" will not do, vs. api endpoints which are used all over the place. Per discussions we've had in the past, I think there are a limited number of protocols that really require something super custom
<isd> I'd be okay with at least by default not giving normal users access to this at all.
<JacobWeisz[m]> I'd really like opening up a new port to not require admin, if appropriately limited in scope.
<JacobWeisz[m]> Or perhaps designating some groups of ports that can be used or something.