Re: Removing SSL 3.0/Poodle from Matthew Kerwin on 2014-10-21 (ietf-http-wg@w3.org from October to December 2014)

From: Matthew Kerwin <matthew@kerwin.net.au>
Date: Tue, 21 Oct 2014 16:49:38 +1000
To: Jim Manico <jim@manico.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CACweHNAhPhmHie-e84Egw1g3SjHcLWU_=+=dgyKA2MxW-Kn9ow@mail.gmail.com>

On 21 October 2014 16:22, Jim Manico <jim@manico.net> wrote:

> Now that SSL 3.0 is dead due to POODLE, is there any chance it can be
> removed from the HTTP2 spec? It's security theatre at best right now.
>
>
I didn't think SSL (any version) was in the HTTP/2 spec.


-- 
  Matthew Kerwin
  http://matthew.kerwin.net.au/

Received on Tuesday, 21 October 2014 06:56:52 UTC