- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Wed, 24 Sep 2014 21:41:21 +1200
- To: ietf-http-wg@w3.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 24/09/2014 9:14 p.m., Martin Thomson wrote: > On 24 September 2014 02:08, Simone Bordet wrote: >> Old h2 clients that are dynamically linked to a new TLS >> implementation will have X but not know that is acceptable. > > Implementations shouldn't be enabling cipher suites that they don't > understand. > In other words, h2 implementations written today must prohibit use of TLS/1.3+ cipher suites on grounds that we will not know the ciphers they will contain in future. Seriously? can we not simply pick a minimum version of TLS or BCP document as a whole and reference that? Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUIpHBAAoJELJo5wb/XPRj7FgH/3RvFmb0ebWjw5o5H1Ssygrs KlPCXt9Fw0YIsat7m+0gNVkK0QS1+bVVtOitAhI2oAaMabhHDce2U+Q9h7VeQDnk 3HAJwMfVzlr6Xb4ypos/d8JO3cyg9jAOwfTzsNfM7BOU2u7qcwtuzPF82BwZIFBS R2cMiAcXF0adfD6ThfNvPcuXoPV5Mtn0nP9WkxUqyHrCXdCqU0DSFOTBM7x2HB6g xDEnhmJlxEokWa2UGNp/Dkcojt/dqmvg4mKC2zzxnia0bnE3wb++KeDViYeOLXtt MG2kjq7LzwdsXdVcoeZcHXhC+yi/qvwj0dPpmKhkYX1osC4488pQ+WvOf90HhPI= =sf7a -----END PGP SIGNATURE-----
Received on Wednesday, 24 September 2014 09:42:09 UTC