W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Simone Bordet <simone.bordet@gmail.com>
Date: Fri, 5 Sep 2014 12:15:20 +0200
Message-ID: <CAFWmRJ0hT-8ajVXyg2df0zp+MctkPP-TQp3v0-e8Y9w4gV3jLA@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
Hi,

On Fri, Sep 5, 2014 at 9:24 AM, Martin Thomson <martin.thomson@gmail.com> wrote:
> On 4 September 2014 19:12, Greg Wilkins <gregw@intalio.com> wrote:
>> Thus I don't have the information available to exclude h2-14 from the
>> protocol list on the basis of negotiated cipher.
>
> The server selects both ALPN and cipher suite.
>
> If ALPN is picked first of those two in the OpenJDK implementation,
> that's fine, as long as the cipher suite selection is OK.
>
> A client offering "h2" should be including valid choices, so the only
> problem is tweaking the suite selection process somehow.

Can you remind why this is necessary at all ?
Section 9.2.2 says what, but not why, and I think it would be useful
to have some text that explains.

Thanks !

-- 
Simone Bordet
http://bordet.blogspot.com
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz
Received on Friday, 5 September 2014 10:15:47 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC