httpwg · n1hility · Nov 3, 2014
diff --git a/draft-ietf-httpbis-http2.xml b/draft-ietf-httpbis-http2.xml
@@ -3712,7 +3712,15 @@ HTTP2-Settings    = token68
             Clients MAY advertise support of cipher suites that are prohibited by the above
             restrictions in order to allow for connection to servers that do not support HTTP/2.
             This enables a fallback to protocols without these constraints without the additional
-            latency imposed by using a separate connection for fallback.
+            latency imposed by using a separate connection for fallback. Prohibited cipher suites 
+            MUST be advertised at a lower preference than permitted cipher suites.
+          </t>
+          <t>
+            Servers MAY allow unknown ciphers that are negotiated by a TLS 1.2 implementation. 
+            This prevents potential interoperability issues involving future ciphers supported 
+            by the underlying TLS 1.2 implementation, but are not yet understood by the server.
+            Due to the restrictions on clients above, prohibited cipher suites are still 
+            prevented from use with HTTP/2. 
           </t>
         </section>
       </section>