Am 17.10.2015 um 11:18 schrieb Kaspar Brand:
Another - quite radical - approach would consist of using a whitelist,
which consists of a single cipher suite only: given that section 9.2 of
RFC 7540 states
"Implementations of HTTP/2 MUST use TLS version 1.2"
and section 9.2.2 further says
On 14.10.2015 14:55, Eric Covener wrote:
> On Wed, Oct 14, 2015 at 8:37 AM, Stefan Eissing
> wrote:
>> Any advice on how to add a test host (e.g. real port) to our test suite in
>> the most compatible way?
>
> 1426878 added an SSL vhost. It seems like there is a
On 16.10.2015 12:45, Stefan Eissing wrote:
> If the blacklist in RFC 7540 proves to be totally bogus, I'd favor
> ditching it in our server checks.
Sharing Yann's surprise about this huge blacklist... I'm also wondering
if this won't become a Sisyphean task, in the end (will the httpwg
regularly
Thanks! Yes, I have sth like this in the works in order to test more specific
http2 edge cases. You'll probably see it sometime next week.
> Am 17.10.2015 um 10:58 schrieb Kaspar Brand :
>
>> On 14.10.2015 14:55, Eric Covener wrote:
>> On Wed, Oct 14, 2015 at 8:37 AM,
Yes, I think whatever improvements we make, they need to be open for admin
overrides. OTOH the majority of the deployments will want to have sth like
modern/intermediate/old and get whatever that exactly means delivered by us as
regular updates in releases (or via their distros).
Especially