From 4239e597d0d81e6c475b6c43b993eb4dbee1f556 Mon Sep 17 00:00:00 2001
From: Tamir Duberstein <tamird@gmail.com>
Date: Fri, 11 Dec 2015 15:22:57 -0500
Subject: [PATCH] README: clarify why TLS is limited

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index d3298a9..9317546 100644
--- a/README.md
+++ b/README.md
@@ -57,8 +57,9 @@ is negligible.
 *TODO(soheil)*: Add benchmarks.
 
 ## Limitations
-* *TLS*: Since `cmux` sits in between the actual listener and the mux'ed
-listeners, TLS handshake is not handled inside the actual servers.
+* *TLS*: `net/http` uses a type assertion to identify TLS connections; since
+cmux's lookahead-implementing connection wraps the underlying TLS connection,
+this type assertion fails.
 Because of that, you can serve HTTPS using cmux but `http.Request.TLS`
 would not be set in your handlers.