- From: Jason Greene <jason.greene@redhat.com>
- Date: Tue, 7 Oct 2014 19:36:49 -0500
- To: Albert Lunde <atlunde@panix.com>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Oct 7, 2014, at 1:34 PM, Albert Lunde <atlunde@panix.com> wrote:
> TLS 1.2 introduces the GCM ciphers that have the "holy grail" properties, so
> there's nothing wrong with parts of 1.2, it's just a question of how to deal
> with the legacy ciphers. But an API that gives a version number check won't
> draw the line at the right place.
The desired “parts” of 1.2 happen to be the exact 1.3 restrictions. So what’s happening here is 9.2.2 is trying to require 1.3 semantics without sending the required {3, 4} version identifier during negotiation which is what creates these handshaking issues.
--
Jason T. Greene
WildFly Lead / JBoss EAP Platform Architect
JBoss, a division of Red Hat
Received on Wednesday, 8 October 2014 00:37:21 UTC