TLS ALPN Proposal v3
Xuelei Fan
xuelei.fan at oracle.com
Thu Jul 9 00:44:40 UTC 2015
On 7/9/2015 7:42 AM, Bradford Wetmore wrote:
> Xuelei/Simone wrote:
>>> Per my understanding, application protocol should be negotiated before
>>> cipher suite and protocol version negotiated.
>>
>> This is not possible for HTTP/2.
>> Application protocol negotiation MUST happen *after* the TLS protocol
>> and the TLS cipher are negotiated.
>
> Yes, that's my understanding as well.
What are the behaviors of other vendors? Can we ask for a clarification
from both HTTP/2 and TLS WG?
Thanks,
Xuelei
More information about the security-dev
mailing list