Re: [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT

From: Greg Wilkins <gregw@xxxxxxxxxxx>
Date: Thu, 9 Apr 2015 09:32:29 +1000
Delivered-to: jetty-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-dev>
List-help: <mailto:jetty-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=unsubscribe>

I just double checked the spec regarding the || and it is correct as the spec says:

   Deployments of HTTP/2 that negotiate TLS 1.3 or higher need only
   support and use the SNI extension; deployments of TLS 1.2 are subject
   to the requirements in the following sections.

So if you are using TLS 1.3, there are no black ciphers.... at least not ones mandated by the HTTP2 specification. You can still exclude ciphers from the entire TLS mechanism via the SslContextFactory in the normal way.

cheers

On 9 April 2015 at 09:22, Greg Wilkins <gregw@xxxxxxxxxxx> wrote:

Simone,

I think your analysis is good. However, I do think it worthwhile to add the condition to not apply blacklist logic to < h2-16

cheers

References:
- [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT
  - From: Eirik Bjørsnøs
- Re: [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT
  - From: Simone Bordet
- Re: [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT
  - From: Greg Wilkins

Prev by Date: Re: [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT
Next by Date: [jetty-dev] Maven Jetty Plugin Slow with Java8
Previous by thread: Re: [jetty-dev] State of HTTP/2 in 9.3.0-SNAPSHOT
Next by thread: [jetty-dev] Maven Jetty Plugin Slow with Java8
Index(es):
- Date
- Thread

Breadcrumbs