- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Fri, 5 Sep 2014 16:35:57 -0700
- To: Greg Wilkins <gregw@intalio.com>
- Cc: Patrick McManus <mcmanus@ducksong.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 5 September 2014 14:58, Greg Wilkins <gregw@intalio.com> wrote: > I don't think it is acceptable for specifications to aggregate > unsuccessfully like that. Sure I can try to influence the development of > ALPN in the JVM to support selection of cipher and protocol rather than just > protocol - but that is not captured by an RFC. You shouldn't have to. Have you tried my suggestions at all? > I'm happy to be intolerant of insecure ciphers. If they are no good, let's > just make them unacceptable. Let's not discourage the use of h2. As the draft explains, clients will still need to offer those insecure ciphers for HTTP/1.1 backwards compatibility.
Received on Friday, 5 September 2014 23:36:25 UTC