- From: Mark Nottingham <mnot@mnot.net>
- Date: Mon, 3 Nov 2014 11:03:20 +1100
- To: Michael Sweet <msweet@apple.com>
- Cc: Nicholas Hurley <hurley@todesschaf.org>, Brian Smith <brian@briansmith.org>, HTTP Working Group <ietf-http-wg@w3.org>
Michael, > On 2 Nov 2014, at 1:55 pm, Michael Sweet <msweet@apple.com> wrote: > > Also, based on the traffic on the TLS WG list, it looks like TLS/1.3 will still include cipher suites that are not allowed by the current HTTP/2 text, but are otherwise considered "secure". And thanks to the current wording, they will be valid when TLS/1.3 is negotiated but not TLS/1.2. (think of the interop issues there!) See the current proposal, which makes the requirements specific to TLS 1.2: https://github.com/http2/http2-spec/pull/615 — Mark Nottingham http://www.mnot.net/
Received on Monday, 3 November 2014 00:03:49 UTC