Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

On Sep 18, 2014, at 9:33 AM, Simone Bordet wrote:
> On Thu, Sep 18, 2014 at 5:41 PM, Roy T. Fielding <fielding@gbiv.com> wrote:
>> I still don't believe that any of these requirements belong in h2,
>> and I won't implement them even if they end up in the RFC.
> 
> As much as I would like to have 9.2.2 reworded to delegate to the TLS
> spec, not implementing it on servers while all major browsers
> implements it will result in a closed connection, no fallback and an
> empty white page.

No, it will just be left to the administrator to configure the right ciphers.
Doing that inside an application protocol is insane.

....Roy

Received on Thursday, 18 September 2014 17:57:05 UTC