Re: draft-west-leave-secure-cookies-alone

On 22 October 2015 at 04:26, Mike West <mkwst@google.com> wrote:
> I think we can mitigate the impact by rolling this kind of change out
> in a somewhat coordinated fashion, and announcing it beforehand. The
> current cipher-suite deprecations seem like a reasonable model to
> follow.

I had hoped that would wouldn't need to resort to that.  Of course, if
we can agree to do so, then I'm all over it.

At less than 0.05% I think that I could probably tolerate breakage.

Received on Thursday, 22 October 2015 16:57:14 UTC