TLS ALPN Proposal v2

Simone Bordet simone.bordet at gmail.com
Fri Jun 5 15:16:40 UTC 2015


Hi,

On Fri, Jun 5, 2015 at 4:46 PM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
> If H2 is not supported, SPDY/3.1 would be attempted, if SPDY/3.1 is not
> supported HTTP/1.1 would be attempted.

Correct.

> If H2 is supported on both sides,
> but H2 does not work, it is a H2 problem that needs to be addressed in the H2
> layer.

If both client and server have "h2" as a potentially supported
protocol, but the cipher to use h2 is not valid, then h2 is not
supported for that particular connection.
At that point, like you said above, spdy/3.1 is attempted, and so on.

> No application protocol fallback in TLS layer if the application
> protocol is supported.

Your interpretation of "supported" is not what browser and server
implementors mean :)

> I understand your concerns now.  I think we have different understandings
> of the ALPN protocols.  It's a good thing to understand the actual
> requirements of the industry, I think.  Thank you!

So where does this leave us now?

By the way, while I have participated in the RFC 7540 discussions, and
implemented HTTP/2 in Jetty to be interoperable with a variety of
other clients and servers, feel free to ask for clarifications on the RFC
7540 and RFC 7301 mailing lists, or even directly from the editors of
those RFCs; they are typically open to answering questions, I guess
especially so if they come from the OpenJDK team that is implementing
those specifications.

Thanks !

-- 
Simone Bordet
http://bordet.blogspot.com
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz
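
The per-connection fallback discussed in this message (h2, then spdy/3.1, then http/1.1, with h2 skipped when the negotiated cipher is not valid for it) can be sketched as follows. This is an added example, not part of the original message and not JDK or Jetty code; the class and method names are hypothetical, and cipherAllowsH2 is a simplified stand-in (an assumption) for the RFC 7540 Appendix A cipher suite blacklist.

```java
import java.util.List;

// Added illustration: ALPN selection with cipher-dependent fallback.
public class AlpnFallbackExample {

    // Simplified stand-in for the RFC 7540 Appendix A blacklist (assumption):
    // h2 is allowed only with an ephemeral key exchange and an AEAD cipher.
    static boolean cipherAllowsH2(String suite) {
        boolean ephemeral = suite.startsWith("TLS_ECDHE_") || suite.startsWith("TLS_DHE_");
        boolean aead = suite.contains("_GCM_") || suite.contains("_CCM")
                || suite.contains("CHACHA20_POLY1305");
        return ephemeral && aead;
    }

    // A protocol is usable on this connection only if the client offered it
    // and the negotiated cipher suite is acceptable for it.
    static boolean usable(String protocol, List<String> clientOffer, String suite) {
        if (!clientOffer.contains(protocol)) {
            return false;
        }
        return !protocol.equals("h2") || cipherAllowsH2(suite);
    }

    // Walks the server's preference list in order. Returns null when nothing
    // is usable; the caller then fails the handshake (the
    // no_application_protocol alert of RFC 7301) or proceeds without ALPN.
    static String select(List<String> serverPrefs, List<String> clientOffer, String suite) {
        for (String protocol : serverPrefs) {
            if (usable(protocol, clientOffer, suite)) {
                return protocol;
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: both peers list the same three protocols.
        List<String> server = List.of("h2", "spdy/3.1", "http/1.1");
        List<String> client = List.of("h2", "spdy/3.1", "http/1.1");
        String[] suites = {
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", // ephemeral + AEAD
            "TLS_RSA_WITH_AES_128_CBC_SHA"           // static RSA + CBC
        };
        for (String suite : suites) {
            System.out.println(suite + " -> " + select(server, client, suite));
        }
    }
}
```

The point of the sketch is that the cipher check sits inside the protocol selection step, so a peer that lists "h2" but ends up on an unsuitable cipher still gets the next protocol in the list.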



More information about the security-dev mailing list