RE: TLS ALPN Proposal v3

Our implementation takes the more permissive view that clients should only offer cipher suites they're comfortable using, and servers should only select cipher suites they're comfortable using.  That has nothing to do with the application protocol in use -- the lists are the same for h1 and h2.

The server's config should certainly prefer better cipher suites, but if only blacklisted cipher suites are present on a client request, it still works if the server is configured to allow those ciphers.

-----Original Message-----
From: Stefan Eissing [] 
Sent: Wednesday, July 22, 2015 7:51 AM
To: Jason T. Greene <>
Cc: Bradford Wetmore <>;
Subject: Re: TLS ALPN Proposal v3

Uhm, yeah. That is certainly the PoV of the spec. For the current value of "blacklisted".

I am looking forward to see that evolve and how the wg will do a global software update of the internet and enterprises then.


> Am 22.07.2015 um 05:20 schrieb Jason T. Greene <>:
> If only blacklisted ciphers are sent in the clienthello, even if the client advertises h2 the server should select h1.

Received on Wednesday, 22 July 2015 06:02:13 UTC