forked from golang/net
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
http2: require either ECDSA or RSA ciphersuite
The HTTP/2 RFC does indeed mandate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 but in practice, people are also using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 becuase they are only using an ECDSA certificate. This is the case in acme/autocert. It doesn't make sense to enforce only RSA in cipher suites if it will never be used because they are using a ECDSA certificate. Change-Id: I86dac192a3eb9b74e4268310a3b550b3bd88a37f Reviewed-on: https://go-review.googlesource.com/30721 Reviewed-by: Tom Bergan <tombergan@google.com> Run-TryBot: Tom Bergan <tombergan@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
- Loading branch information
Showing
2 changed files
with
14 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters