W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Greg Wilkins <gregw@intalio.com>
Date: Sat, 6 Sep 2014 16:36:34 +1000
Message-ID: <CAH_y2NHrbH5Objwhq9E89QexhQtND4uOdy8q7OEckTCU17WqKg@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
On 6 September 2014 15:03, Martin Thomson <martin.thomson@gmail.com> wrote:

> Preferable is subjective.  We've seen that demonstrated many times
> where servers pick RC4 over better ciphers because ...well, I can only
> speculate.

Exactly!  Sometimes infrastructure that is out of your control does things
according to the standards that you would rather they didn't.

I don't see how requiring h2 capable servers to sulk in protest and only
serve h1 is going to help?   Just because browser vendors are unwilling to
deprecate bad ciphers as it may affect their market share, you instead
want servers to try to force change by withholding h2 services!

It is a form of protest a-kin to holding your breath until you get your
Nobody will notice the protest as the web will just work as it always has
serving h1 over old ciphers.  Victory for the status quo!

So we end up stuck with ciphers that are
> sort-of-bad-but-not-broken-enough-to-pull.  Which sucks.

Sure that sucks, but I'm not sure it is our problem to fix.
I want world peace too, but making that a requirement for using h2 is not
going to help.


It's not hard. ... You just need to know how to influence suite

selection.... Do you want to break the web.

Geeeeeeeeeeeeeeeeeeeeze you like to troll sometimes!

I do know how to write code to pick something from a preference list....
I had realised that cipher selection has something to do with this
conversation.....   I spend all my free time in the WG in an effort to
destroy web connectivity as we know it !)


Greg Wilkins <gregw@intalio.com>
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.
Received on Saturday, 6 September 2014 06:37:03 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC