W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2014

RE: Stricter TLS Usage in HTTP/2

From: Richard Wheeldon (rwheeldo) <rwheeldo@cisco.com>
Date: Wed, 4 Jun 2014 16:34:52 +0000
To: Cory Benfield <cory@lukasa.co.uk>
CC: Patrick McManus <mcmanus@ducksong.com>, Yoav Nir <ynir.ietf@gmail.com>, Martin Thomson <martin.thomson@gmail.com>, William Chan (ι™ˆζ™Ίζ˜Œ) <willchan@chromium.org>, "HTTP Working Group" <ietf-http-wg@w3.org>, Adam Langley <agl@google.com>
Message-ID: <0566CA5E9B906D40B6737DD47DA9FB8F1B514D87@xmb-rcd-x04.cisco.com>
From: Cory Benfield [mailto:cory@lukasa.co.uk] 
 > This is a pain in the neck on platforms relying on OpenSSL. There's _no_ Python version or package that makes ALPN available at this point in time. This is in part because OpenSSL only has ALPN support in beta. It's already the case that Twisted cannot be a conforming HTTP/2 server at the moment, let's not torpedo Python HTTP/2 clients as well.

 > Is there any reason NPN isn't good enough?

NPN would be fine IMO. Having neither would be a problem. The layering issues get potentially ugly. How would a lib know whether or not to allow a connection?

Richard

Received on Wednesday, 4 June 2014 16:35:25 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:31 UTC