Re: Concluding discussion on #612 (9.2.2)

On 8 October 2014 23:06, Greg Wilkins <gregw@intalio.com> wrote:
> I've reverted TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 to a MUST and switched
> the connection retry case to only when a client does inadequate security on
> a cipher it was offering
> for h1 fallback.
>
> So most connections will be 1 round trip for old and new servers.  There
> will be 2 round trips IFF a client chooses to offer weak ciphers for h1
> fallback and there is a difference with 9.2.2 interpretation.  A client can
> avoid having to implement the retry if it chooses to never offer a cipher
> that it will not accept for h2.

Good news!  This is the intent of 9.2.2.  Let's see if I can figure
out how to apply your changes to my PR (which includes a number of
other fixes).

Received on Thursday, 9 October 2014 16:39:44 UTC
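The round-trip accounting in the quoted message (one round trip normally, two only when a client offers h1-only suites and the server applies a different 9.2.2 interpretation) can be modelled with a small handshake simulation. The following is an added illustration, not code from the HTTP/2 draft, the Jetty project or any participant in this thread. The cipher-suite sets are constructed for the example: the only suite taken from the page is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, and the authoritative list of suites that are unacceptable for h2 lives in the specification, not here. The `enforce_h2_suites` flag is an assumed stand-in for "new" servers that refuse to pair a weak suite with h2 versus "old" servers that do not.

```python
"""Model of client/server cipher-suite negotiation for h2 with an h1 fallback.

Added example; the suite sets and the server-behaviour flag are assumptions
made for illustration, not the specification's blacklist.
"""

# The suite the thread says is a MUST for h2 (from the page).
REQUIRED_H2_SUITE = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"

# Constructed: suites this hypothetical client accepts for h2.
H2_ACCEPTABLE = {
    REQUIRED_H2_SUITE,
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
}

# Constructed: suites the client is willing to use only for HTTP/1.1.
H1_ONLY = {"TLS_RSA_WITH_AES_128_CBC_SHA"}


def server_select(offered, server_preference, request_h2, enforce_h2_suites):
    """Server side of the model.

    Returns (protocol, suite), or (None, None) when nothing overlaps.
    A server that enforces the h2 suite rules (assumed to share the client's
    H2_ACCEPTABLE set) only pairs h2 with an acceptable suite and otherwise
    answers with HTTP/1.1 on the first round trip. A server that does not
    enforce them picks its preferred overlapping suite and still selects h2.
    """
    offered_set = set(offered)
    overlap = [s for s in server_preference if s in offered_set]
    if not overlap:
        return None, None
    if not request_h2:
        return "http/1.1", overlap[0]
    if enforce_h2_suites:
        for suite in overlap:
            if suite in H2_ACCEPTABLE:
                return "h2", suite
        return "http/1.1", overlap[0]
    return "h2", overlap[0]


def client_connect(offered, server_preference, enforce_h2_suites):
    """Client side: connect, validate the negotiated suite, retry if needed.

    If the server selects h2 on a suite the client does not accept for h2,
    the client treats that as inadequate security and reconnects without
    requesting h2, spending a second round trip. Returns a summary dict.
    """
    proto, suite = server_select(offered, server_preference, True, enforce_h2_suites)
    if proto is None:
        return {"protocol": None, "suite": None, "round_trips": 1}
    if proto == "http/1.1" or suite in H2_ACCEPTABLE:
        return {"protocol": proto, "suite": suite, "round_trips": 1}
    # Retry path: same offer, but h2 is no longer requested.
    proto, suite = server_select(offered, server_preference, False, enforce_h2_suites)
    return {"protocol": proto, "suite": suite, "round_trips": 2}


def needs_retry_logic(offered):
    """True if the client's offer contains a suite it would reject for h2.

    A client that never offers such a suite can drop the retry code entirely.
    """
    return any(s not in H2_ACCEPTABLE for s in offered)


if __name__ == "__main__":
    offer_with_fallback = [REQUIRED_H2_SUITE, "TLS_RSA_WITH_AES_128_CBC_SHA"]
    old_server_pref = ["TLS_RSA_WITH_AES_128_CBC_SHA", REQUIRED_H2_SUITE]
    for enforce in (False, True):
        print("enforce_h2_suites=%s -> %s" % (
            enforce, client_connect(offer_with_fallback, old_server_pref, enforce)))
    print("retry logic needed:", needs_retry_logic(offer_with_fallback))
```

Running it shows the two cases from the message: with an offer that includes an h1-only suite, a server that does not apply the h2 suite rules costs two round trips, while a server that does costs one; an offer restricted to h2-acceptable suites costs one round trip against either server and never needs the retry path.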