On Tue, Oct 5, 2010 at 6:28 AM, Jean-Marc Desperrier <jmd...@gmail.com> wrote: > Hi, > > Google is currently communicating about how they will use SSL False Start to > "accelerate the web", even if it means breaking a small fraction of > incompatible site (they will use a black list that should mitigate most of > the problem). > See http://news.cnet.com/8301-30685_3-20018437-264.html > > Am I right that there is currently no bug and no plan to make available in > Firefox the False Start support that's has been included in NSS in bug > 525092 ? (as noted here > https://bugzilla.mozilla.org/show_bug.cgi?id=525092#c24 making it minimally > available requires one call to set the SSL_ENABLE_FALSE_START option, and a > preference to optionally disable it. Handling the black list is more work, I > don't know if Google plans to make their list a public resource, maybe > Wan-Teh Chang can tell)
It was added, and then disabled by default: https://bugzilla.mozilla.org/show_bug.cgi?id=583908 https://bugzilla.mozilla.org/show_bug.cgi?id=591523 The False Start blacklist is a public resource. It is published in the Chromium source tree. Disabling False Start in Firefox 4 was the right decision because without additional changes to NSS or PSM, the failures caused by False Start are nondeterministic, depending on the arrival times of the client's Finished message and the first application data record. Nondeterministic failures make debugging very difficult. In addition, the Mozilla team is uncomfortable using a blacklist. Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
