Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem from Roland Zink on 2014-09-24 (ietf-http-wg@w3.org from July to September 2014)

From: Roland Zink <roland@zinks.de>
Date: Wed, 24 Sep 2014 11:23:29 +0200
To: ietf-http-wg@w3.org
Message-ID: <54228D91.5020002@zinks.de>

On 24.09.2014 11:14, Martin Thomson wrote:
> On 24 September 2014 02:08, Simone Bordet <simone.bordet@gmail.com> wrote:
>> Old h2 clients that are dynamically linked to a new TLS implementation
>> will have X but not know that is acceptable.
> Implementations shouldn't be enabling cipher suites that they don't understand.
>
You mean no cipher suite should ever be used :)

Applications may even have the cipher suite in use for other protocols 
but may not know it is allowed for h2.

Received on Wednesday, 24 September 2014 09:23:52 UTC