Re: Discussion of 9.2.2

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Thu, 25 September 2014 17:37 UTC

Date: Thu, 25 Sep 2014 20:33:54 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Greg Wilkins <gregw@intalio.com>, Martin Thomson <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Archived-At: <http://www.w3.org/mid/20140925173354.GA5976@LK-Perkele-VII>

On Thu, Sep 25, 2014 at 10:05:16AM -0700, Eric Rescorla wrote:
> On Thu, Sep 25, 2014 at 9:52 AM, Greg Wilkins <gregw@intalio.com> wrote:
> >
> > I think this indicates that the wording of 9.2.2 is indeed causing
> > confusion and has actually created wrong implementations.   In FF the 9.2.2
> > test is currently implemented as:
> >
> >    isAEAD()
> >
> > when it should be:
> >
> >    !isBlock() && !isStream()
> >
> > The former is an interoperability problem for future acceptable non-AEAD
> > ciphers, while the latter is not.
> >
> 
> Trying to think this through....
> 
> Isn't that only true if we add a new non-AEAD ciphersuite in NSS and then
> forget to update the code in Firefox?

Nope. Somebody WILL dynamically link the TLS libraries if the platform
supports dynamic linkage at all (and most non-constrained stuff does).

And even if stock Firefox statically links NSS, there is at least one
rebranded one (checked the memory map) that dynamically links system
NSS (hello version skew!).


-Ilari
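
The two forms of the 9.2.2 test quoted above, run against what a newer, dynamically linked TLS library might negotiate, as an added example that is not part of the original email and is not Firefox or NSS code. The `cipher_class` enum, the `suite_info` struct, the function names and the future suite entry are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical cipher classes reported by the TLS library at run time.
 * CLASS_FUTURE stands for a class added by a newer library build that the
 * application was never compiled against. */
enum cipher_class { CLASS_STREAM, CLASS_BLOCK, CLASS_AEAD, CLASS_FUTURE };
struct suite_info { const char *name; enum cipher_class cls; };

/* Allow-list form of the 9.2.2 test: isAEAD(). */
static bool check_is_aead(const struct suite_info *s) {
    return s->cls == CLASS_AEAD;
}

/* Deny-list form: !isBlock() && !isStream(). Accepts any class it does not
 * recognise, so it fails open where the allow-list form fails closed. */
static bool check_not_block_or_stream(const struct suite_info *s) {
    return s->cls != CLASS_BLOCK && s->cls != CLASS_STREAM;
}

/* Constructed sample of suites a newer shared library could negotiate. */
static const struct suite_info negotiated[] = {
    { "TLS_RSA_WITH_RC4_128_SHA",              CLASS_STREAM },
    { "TLS_RSA_WITH_AES_128_CBC_SHA",          CLASS_BLOCK  },
    { "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", CLASS_AEAD   },
    { "EXAMPLE_FUTURE_NON_AEAD_SUITE",         CLASS_FUTURE }, /* placeholder */
};
#define N_NEGOTIATED (sizeof negotiated / sizeof negotiated[0])

/* Returns how many suites the two checks disagree on; *first is set to the
 * first such suite, or NULL when they always agree. */
static size_t count_disagreements(const struct suite_info **first) {
    size_t n = 0;
    *first = NULL;
    for (size_t i = 0; i < N_NEGOTIATED; i++)
        if (check_is_aead(&negotiated[i]) != check_not_block_or_stream(&negotiated[i])
            && n++ == 0)
            *first = &negotiated[i];
    return n;
}

int main(void) {
    const struct suite_info *s;
    size_t n = count_disagreements(&s);
    printf("%zu disagreement(s); first: %s\n", n, s ? s->name : "(none)");
    return 0;
}
```

The checks agree on every class the application knew at build time and differ only on the class introduced by the newer library.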