Martin Thomson <[email protected]> writes: >The advantage with deploying a new protocol is that you can be strict. If, >for example, all of the browsers implement TLS 1.3 and are strict, then >Amazon won't be able to deploy a buggy 1.3 implementation without noticing >pretty quickly. You might suggest that that's aspiration to the point of >delusion, but in fact it worked out pretty well with HTTP/2 deployment. We >didn't squash ALL of the nasty bugs, but we got most of them.
It also means you're going to be in for a rude shock when you encounter the ocean of embedded/SCADA/IoT devices with non-mainstream TLS implementations. The reason why HTTP/2 "works" is that it essentially forked HTTP, HTTP/2 for Google, Amazon, etc, and the browser vendors, and HTTP 1.1 for everything else that uses HTTP as its universal substrate. As a result there will be two versions of HTTP in perpetuity, HTTP 1.1 and HTTP-whatever-the-current- version-is. (Should I mention TLS-LTS here? :-). Peter. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
