Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem from Martin Thomson on 2014-09-23 (ietf-http-wg@w3.org from July to September 2014)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Tue, 23 Sep 2014 03:09:36 -0700
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Mark Nottingham <mnot@mnot.net>, Greg Wilkins <gregw@intalio.com>, Eric Rescorla <ekr@rtfm.com>, Jason Greene <jason.greene@redhat.com>, Patrick McManus <pmcmanus@mozilla.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnUX+XJL0opbJ0-EGCs7j81GQWx=ofqahx2L50+5T505oQ@mail.gmail.com>

On 23 September 2014 01:50, Julian Reschke <julian.reschke@gmx.de> wrote:
>>  The other is making all of 9.2.2 (and maybe 9.2.1) specific to TLS 1.2; i.e., to let TLS 1.3 and beyond control their own destiny.
> That sounds like a good idea in any case (independently of whether it
> addresses Greg's concerns wrt TLS 1.2).

Given that TLS have already agreed to make the same restrictions
(aside from mandatory to implement cipher suite) that 9.2.2 makes, I
see only upside to this.  The only restriction that seems like it
could be special is the SNI one, for which I will create a special
exclusion.

See here:
Received on Tuesday, 23 September 2014 10:10:04 UTC