On 11/12/2010 2:17 AM, Martin Rex wrote:
The result of the mess is that most browsers these days have given
up entirely the concept of SSL/TLS interoperability and use a heuristic
of reconnect fallbacks_at_the_application_level_, i.e. try a protocol
feature, run into one of those interop problems, abort, and the
calling app is supposed to retry with a less optimistic set of
Nothing the IETF does can prevent or fix this kind of implementation divergence.
The only way harmonization is achieved is by an active constituency of the
industry pressing for it, primarily through interoperability testing that is
limited to the specification.
The only role of the IETF in such a process is to aid in getting agreement on
any specification changes that might be needed, when the divergence is due to
/enhancements/ that are non-standard.
Ietf mailing list