Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem from Patrick McManus on 2014-09-23 (ietf-http-wg@w3.org from July to September 2014)

From: Patrick McManus <mcmanus@ducksong.com>
Date: Mon, 22 Sep 2014 20:20:45 -0400
To: Greg Wilkins <gregw@intalio.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CAOdDvNo9KNiuq5_-+h=fXxXc=6_g6EOQTvYUTDUGZdhuevh9UQ@mail.gmail.com>

On Mon, Sep 22, 2014 at 7:40 PM, Greg Wilkins <gregw@intalio.com> wrote:

> interop problem is discovered



We don't have agreement that there is a problem here - your argument is
based around a world in which h2 doesn't know anything about the TLS
algorithms it is using and that just isn't how h2 is defined. Its expected
that frameworks will have some catching up to do - we've seen that progress
happen with ALPN already.

And to bump this up the stack a bit, this is really quite a useful
provision of h2. It is a waypoint for jettisoning stuff that we can't kill
for reasons of backwards compatibility (at least without a lot of pain) but
best practices tell us we shouldn't be using.

-P

Received on Tuesday, 23 September 2014 00:21:09 UTC