W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2014

TLS renegotiation

From: Martin Thomson <martin.thomson@gmail.com>
Date: Sat, 25 Jan 2014 08:28:47 +0100
Message-ID: <CABkgnnWvEpvuS+P2HK2UCyJfGvvZ6xqQDOww=xpy_KQ52ft9hA@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Brian raises a fairly important set of points around negotiation:

https://github.com/http2/http2-spec/issues/363

I think that I can distill this down to two major concerns:

1. renegotiation causes problems with mapping server authentication to
requests; false start means that this is true even with renegotiation
immediately after connecting

2. client certificates are tricky because they often rely on
renegotiation and they can interact with any coalescing feature we
define

Discuss.
Received on Saturday, 25 January 2014 07:29:15 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:23 UTC