Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

On 24 September 2014 03:43, Simone Bordet <> wrote:
>>   h2acceptable = !isStream && !isBlock && isFsCapable
> Ok, this will be out of date any moment a new algorithm is discovered,
> and would require modify the source (and recompile).

Absolutely not true.  These properties are completely deterministic.

> Also, I understand it right that the logic above will apply to all
> protocols spoken by the client, not only h2 ?
> That is, the client can only offer ciphers that are h2 acceptable,
> even if the server does not speak h2, and even if the server picks
> another protocol.

Not so.  A client offering different protocols can offer different
suites, it only has to understand whether each suite offered, if
selected by a server, is OK for h2.

> A polyglot h1, h2 client correctly configured that tries to connect to
> an old server won't be able to establish a connection speaking h1
> because the old server won't know the new ciphers (e.g. web spiders).

Yes it can.  The client can offer old cipher suites.  The old server
will just ignore the new suites.

Received on Thursday, 25 September 2014 10:31:40 UTC