TLS ALPN Proposal v5

Weijun Wang weijun.wang at oracle.com
Fri Sep 25 11:31:07 UTC 2015


New to ALPN and this thread, just my $0.02.

On 09/25/2015 05:47 PM, Xuelei Fan wrote:
> Here is the question to answer, which preference should be respected
> firstly between cipher suite and application protocol?

No concrete answer, but I think it's always better to "first respect 
what the user has configured". If user has explicitly requested {AP1, 
AP2} but has not configured cipher suites order himself, ALPN preference 
should be respected first. This might mean that for different ALPN 
requests the *default* cipher suite order should be different.

--Max



More information about the security-dev mailing list