Re: null ciphers in 9.2.2

On Sep 30, 2014, at 10:09 PM, Martin Thomson <martin.thomson@gmail.com> wrote:

> On 30 September 2014 20:05, Jason Greene <jason.greene@redhat.com> wrote:
>> If HTTP/2 simply wanted to reflect where TLS 1.3 was heading towards, it could accomplish that by requiring the capabilities of 1.3, and leaving out the social hack.
> 
> I don't know how to interpret that statement.  We are reflecting where
> TLS 1.3 is heading.  That means that I don't know what the "social
> hack" you are refer to is.

A TLS 1.3 stack will accept a TLS 1.2 client using a cipher which a compliant HTTP/2 stack will then reject. 
--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat

Received on Wednesday, 1 October 2014 03:15:43 UTC