On Thu, 2019-09-26 at 13:36 -0700, Ryan Schmitt wrote: > According to RFC 7540, an HTTP/2 implementation may treat the > negotiation > of a weak cipher suite (i.e. most cipher suites that have ever > existed) as > a connection error. I'm skeptical of the way the client is currently > interpreting this part of the RFC: it is preemptively removing all of > the > blacklisted cipher suites before the connection has even been > negotiated. > Since most endpoints don't actually support HTTP/2, this mainly just > makes > it harder to connect to HTTP/1.1 endpoints without setting > `FORCE_HTTP_1`. > I'd like to remove the current filtering logic and replace it with > logic > that validates the negotiated cipher suite *after* h2 has actually > been > negotiated. Any objections?
None from me. We just need to make sure that the classic client behave consistently with the async one. Oleg --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
