W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Roy T. Fielding <fielding@gbiv.com>
Date: Thu, 18 Sep 2014 10:56:41 -0700
Cc: Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <B9D3F14A-C300-4AB7-B140-41E86CFCB24F@gbiv.com>
To: Simone Bordet <simone.bordet@gmail.com>
On Sep 18, 2014, at 9:33 AM, Simone Bordet wrote:
> On Thu, Sep 18, 2014 at 5:41 PM, Roy T. Fielding <fielding@gbiv.com> wrote:
>> I still don't believe that any of these requirements belong in h2,
>> and I won't implement them even if they end up in the RFC.
> 
> As much as I would like to have 9.2.2 reworded to delegate to the TLS
> spec, not implementing it on servers while all major browsers
> implements it will result in a closed connection, no fallback and an
> empty white page.

No, it will just be left to the administrator to configure the right ciphers.
Doing that inside an application protocol is insane.

....Roy
Received on Thursday, 18 September 2014 17:57:05 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC