Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem from Roland Zink on 2014-09-18 (ietf-http-wg@w3.org from July to September 2014)

From: Roland Zink <roland@zinks.de>
Date: Thu, 18 Sep 2014 11:20:43 +0200
To: ietf-http-wg@w3.org
Message-ID: <541AA3EB.3070602@zinks.de>

I think the goal of section 9.2.2 is laudable. But I'm not sure if the 
layering is ok. When this is done within TLS, say with TLS 1.3, then the 
problem would vanish and the http2 layer wouldn't need to worry about it.

Roland

On 18.09.2014 10:33, Cory Benfield wrote:
> Greg, I'm genuinely sympathetic to your original complaint. I've had 
> problem with cipher suites as well, and have accepted that the best I 
> can do is fail if the server screwed up. I don't like that approach. 
> But I think the goal of section 9.2.2 is laudable and I'd be loathe to 
> remove it without replacing it with something equally important. Cory

Received on Thursday, 18 September 2014 09:21:06 UTC