Hi,

Thanks for that interesting explanation.

I just learned about another TLS 1.3 "intolerance" issue that people
deploying it should be aware of: It seems some servers don't consider
TLS 1.3 cipher suites as "safe" for HTTP/2 and this breaks connections:
https://bugzilla.mozilla.org/show_bug.cgi?id=1488240#c39

While HTTP/2 is not necessarily the focus of this group I wonder what
that means, how HTTP/2 implementations should be made future-proof and
if there can be a GREASE-like mechanism for it.
Whitelisting "safe" ciphers seems to be a bad idea and almost
inevitably will lead to more trouble in the future.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
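
The failure mode raised in the message above, as an added example that is not part of the original post or the linked bug: a frozen allowlist of "safe" HTTP/2 cipher suites compared with a check on the suite's properties (AEAD plus ephemeral key exchange, the criterion behind the RFC 7540 TLS 1.2 blacklist). The allowlist contents, function names and sample records are assumptions; the records use the dictionary shape returned by Python's `ssl.SSLContext.get_ciphers()`.

```python
import ssl

# Hypothetical allowlist of IANA code points, frozen when only TLS 1.2 existed.
FROZEN_ALLOWLIST = {0xC02B, 0xC02C, 0xC02F, 0xC030}

def allowlist_ok(cipher):
    """Accept only suites someone once enumerated as 'safe'."""
    # OpenSSL ids carry a 0x0300 prefix; the low 16 bits are the IANA value.
    return (cipher["id"] & 0xFFFF) in FROZEN_ALLOWLIST

def property_ok(cipher):
    """Reject only what is known to be weak: no AEAD, or (in TLS 1.2 and
    earlier) a key exchange that is not ephemeral."""
    if not cipher["aead"]:
        return False
    if cipher["protocol"] == "TLSv1.3":
        return True  # TLS 1.3 suites name no key exchange; all are AEAD
    return cipher["kea"] in ("kx-ecdhe", "kx-dhe")

def wrongly_refused(ciphers):
    """Suites the frozen allowlist breaks although their properties are fine."""
    return sorted(c["name"] for c in ciphers
                  if property_ok(c) and not allowlist_ok(c))

# Constructed sample records (subset of the get_ciphers() keys).
SAMPLE = [
    {"id": 0x0300C02F, "name": "ECDHE-RSA-AES128-GCM-SHA256",
     "protocol": "TLSv1.2", "kea": "kx-ecdhe", "aead": True},
    {"id": 0x0300CCA8, "name": "ECDHE-RSA-CHACHA20-POLY1305",
     "protocol": "TLSv1.2", "kea": "kx-ecdhe", "aead": True},
    {"id": 0x0300C013, "name": "ECDHE-RSA-AES128-SHA",
     "protocol": "TLSv1.0", "kea": "kx-ecdhe", "aead": False},
    {"id": 0x0300009C, "name": "AES128-GCM-SHA256",
     "protocol": "TLSv1.2", "kea": "kx-rsa", "aead": True},
    {"id": 0x03001301, "name": "TLS_AES_128_GCM_SHA256",
     "protocol": "TLSv1.3", "kea": "kx-any", "aead": True},
]

if __name__ == "__main__":
    # Audit the suites the local OpenSSL build enables by default.
    for name in wrongly_refused(ssl.create_default_context().get_ciphers()):
        print("frozen allowlist would refuse:", name)
```

On the sample, the allowlist refuses both the TLS 1.3 suite and a TLS 1.2 suite that was registered after the list was written, while the property check still rejects the CBC and static-RSA suites.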
