W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 5 Sep 2014 16:37:27 -0700
Message-ID: <CABkgnnVqoi1Bfkf-sknQTxOpeKHsChmWzXiQ+y2gDZpq2PonPA@mail.gmail.com>
To: Michael Sweet <msweet@apple.com>
Cc: Simone Bordet <simone.bordet@gmail.com>, Patrick McManus <mcmanus@ducksong.com>, Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 5 September 2014 15:35, Michael Sweet <msweet@apple.com> wrote:
> RFC 5246 requires a conforming implementation to be able to negotiate TLS_RSA_WITH_AES_128_CBC_SHA.  HTTP/2 requires conformance to RFC 5246 but forbids negotiation of TLS_RSA_WITH_AES_128_CBC_SHA.  Do you not see the problem this creates?

Yes.  And it would be a problem if we hadn't already fixed it.
Received on Friday, 5 September 2014 23:37:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:37 UTC