On Sun, Oct 14, 2018 at 1:38 AM Hanno Böck <ha...@hboeck.de> wrote:

> Hi,
>
> Thanks for that interesting explanation.
>
> I just learned about another TLS 1.3 "intolerance" issue that people
> deploying it should be aware of: It seems some servers don't consider
> TLS 1.3 cipher suites as "safe" for HTTP/2 and this breaks connections:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1488240#c39

FWIW, I think this may have just been a defect in one provider.

> While HTTP/2 is not necessarily the focus of this group I wonder what
> that means, how HTTP/2 implementations should be made future proof and
> if there can be a GREASE-like mechanism for it.
> Whitelisting "safe" ciphers seems to be a bad idea and almost
> inevitably will lead to more trouble in the future.

HTTP/2 was pretty careful to phrase this as a black list of unsafe ciphers,
so while I agree that whatever happened here was bad, I'm not quite sure how
RFC 7540 could have been written to make it less likely...

-Ekr

> --
> Hanno Böck
> https://hboeck.de/
>
> mail/jabber: ha...@hboeck.de
> GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
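
The difference between the two policies discussed in this thread, as an added example that is not part of either message and not code from any HTTP/2 implementation: a blacklist check in the style of RFC 7540 Appendix A next to an allow-list of "safe" suites, both applied to TLS 1.3 cipher suites. The deny set is a small subset of Appendix A and the allow-list is hypothetical; both are constructed for illustration.

```python
# Added illustration: the suite names are IANA names, but both policy sets are
# constructed for this example and are not taken from any real server.

# A few entries from the RFC 7540 Appendix A blacklist (the full list is far longer).
H2_DENY_SUBSET = frozenset({
    "TLS_RSA_WITH_NULL_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
})

# Hypothetical allow-list of "safe" suites, frozen before TLS 1.3 existed.
H2_ALLOW_HYPOTHETICAL = frozenset({
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
})

TLS13_SUITES = (
    "TLS_AES_128_GCM_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
)

def deny_list_check(suite):
    """Blacklist reading: a suite is acceptable unless it is listed as unsafe."""
    return "ok" if suite not in H2_DENY_SUBSET else "INADEQUATE_SECURITY"

def allow_list_check(suite):
    """Allow-list reading: a suite is acceptable only if it is explicitly listed."""
    return "ok" if suite in H2_ALLOW_HYPOTHETICAL else "INADEQUATE_SECURITY"

def compare(suites):
    """Return {suite: (deny_list_result, allow_list_result)} for negotiated suites."""
    return {s: (deny_list_check(s), allow_list_check(s)) for s in suites}

def broken_by_allow_list(suites):
    """Suites the blacklist accepts but the allow-list refuses."""
    return [s for s, (d, a) in compare(suites).items() if d == "ok" and a != "ok"]

if __name__ == "__main__":
    sample = TLS13_SUITES + ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                             "TLS_RSA_WITH_AES_128_CBC_SHA")
    for suite, (deny, allow) in compare(sample).items():
        print(f"{suite:45} deny-list={deny:20} allow-list={allow}")
```
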