On Fri, Aug 28, 2015 at 9:26 AM, Stefan Eissing <stefan.eiss...@greenbytes.de> wrote: > If this works, one could think about introducing some kind of "equivalence > number" to speed up the checking, since in certain HTTP/2 setups there might > be a good percentage of requests requiting this verification.
Long term we need to block these name-based renegotiations because we'll be at TLS1.3. I don't know how to ween people off, but making up an H2 requirement might be one way to ease people into it.