On Thu, Sep 1, 2016 at 12:57 PM, Diane Hosfelt <dhosf...@mozilla.com> wrote:
> Right now, what I’m working on is updating some TLS statistics using > https://github.com/mozilla/cipherscan <https://github.com/mozilla/ > cipherscan> (it’s taking a bit longer than I’d originally anticipated). > Based on my current results (~50k sites), over 7% can only use TLS1 or > lower. This means that, at a minimum, rustls would need need to implement > TLS1 and 1.1 in addition to 1.2 (and eventually 1.3) in order for Servo to > use it. I’m not quite sure what the bar should be for deciding that it’s > okay to not support legacy protocols, but I definitely think that 7% is too > high. In my opinion, web compatibility should be a goal of Servo. > FWIW, while I agree with that, I think it's important to get key high-volume sites working well in Servo --- Facebook, GMail, Youtube, Yahoo, Twitter, Amazon, etc --- before tackling the "long tail". I assume the former do not require TLS < 1.2. That gives you plenty of time to add TLS < 1.2 to rusttls. One question I haven't seen asked or answered yet is whether the rusttls maintainers would accept contributions to make it Web-compatible, and if not, how one would maintain a Web-compatible version of it. Rob -- lbir ye,ea yer.tnietoehr rdn rdsme,anea lurpr edna e hnysnenh hhe uresyf toD selthor stor edna siewaoeodm or v sstvr esBa kbvted,t rdsme,aoreseoouoto o l euetiuruewFa kbn e hnystoivateweh uresyf tulsa rehr rdm or rnea lurpr .a war hsrer holsa rodvted,t nenh hneireseoouot.tniesiewaoeivatewt sstvr esn _______________________________________________ dev-servo mailing list dev-servo@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-servo