Re: Concluding discussion on #612 (9.2.2) from Eric Rescorla on 2014-10-10 (ietf-http-wg@w3.org from October to December 2014)

From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 10 Oct 2014 14:47:05 -0700
To: Greg Wilkins <gregw@intalio.com>
Cc: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABcZeBPnd=C3Oi2wdbQTqTbA4LOyy37bZhHO42-9CPuDk=zrYw@mail.gmail.com>

On Fri, Oct 10, 2014 at 2:38 PM, Greg Wilkins <gregw@intalio.com> wrote:
>
> Offering unacceptable pairings and hoping the server will never see those
> as acceptable is fragile.
>

This ship has already sailed:
TLS clients regularly offer TLS 1.2 with AEAD cipher suites but will accept
TLS 1.1. However, the AEAD cipher suites are forbidden with TLS 1.1.

-Ekr

Received on Friday, 10 October 2014 21:48:13 UTC