IETF Logo Mail Archive

Re: Discussion of 9.2.2

Greg Wilkins <gregw@intalio.com> Thu, 25 September 2014 18:17 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 972C11A8772 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Sep 2014 11:17:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.065
X-Spam-Level:
X-Spam-Status: No, score=-7.065 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HOvupAK5n1I3 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Sep 2014 11:17:00 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E38C1A874D for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 25 Sep 2014 11:17:00 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XXDZ8-0003L9-5y for ietf-http-wg-dist@listhub.w3.org; Thu, 25 Sep 2014 18:14:54 +0000
Resent-Date: Thu, 25 Sep 2014 18:14:54 +0000
Resent-Message-Id: <E1XXDZ8-0003L9-5y@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <gregw@intalio.com>) id 1XXDYq-0003JM-VM for ietf-http-wg@listhub.w3.org; Thu, 25 Sep 2014 18:14:37 +0000
Received: from mail-wg0-f47.google.com ([74.125.82.47]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <gregw@intalio.com>) id 1XXDYp-0004Nj-QZ for ietf-http-wg@w3.org; Thu, 25 Sep 2014 18:14:36 +0000
Received: by mail-wg0-f47.google.com with SMTP id y10so8549546wgg.6 for <ietf-http-wg@w3.org>; Thu, 25 Sep 2014 11:14:09 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=KMmbm947wgrdxfNW/+icyPgVEUNgAS0elt744+CpCUo=; b=IBL08MFxG4VGE36B2CxUmwhBGK7A0j2jigjGeKKNZ2iBfJR1mJXMJlIZD9VTwlhrSl t4Q/rz0kkEtsklm1i1LeSJUwFL/y5eZTl7THj+B7z67fO6egQ9TLxUZZehc0TJwrg3IQ 2yhNcw1VGtV3PUXA1Pw2CFT7193H+ysRlqtc3l+zz5QECFt4uZgWtCagZt5WJELlec81 UEV7VohraNJiW5HZUOuW4Wc1c0jHvnR4glIxIfmvgsOk42hJ9UHH0h0JSQZxdMnsYEZS CLK9scYRvwsv+e80ZGgEJprylA2AEaxsLnuOZrUxIMjTG1gY7FxQX/l2kvXHRCvEjtgq mNfQ==
X-Gm-Message-State: ALoCoQlz1vR7O6GkrFjTSLZcbOz0cDTymixsUXxMYRRZoKFSEuFbdOxaYNjAl6ZtX9W9FsBvvN8Q
MIME-Version: 1.0
X-Received: by 10.194.60.240 with SMTP id k16mr5662268wjr.109.1411668849005; Thu, 25 Sep 2014 11:14:09 -0700 (PDT)
Received: by 10.194.169.98 with HTTP; Thu, 25 Sep 2014 11:14:08 -0700 (PDT)
In-Reply-To: <7A1E6A5E-02EC-4DB7-A078-E0BF7F89B70D@mnot.net>
References: <F0D4BA2A-46B2-4F1A-8A23-1A319A3E5FC0@mnot.net> <CABkgnnV0HFeshNAe9CAzFDeED6Os_GmG6kxm827N18wduCkjiA@mail.gmail.com> <C3FE3757-2BED-41F6-8D2C-C36E29C5C950@redhat.com> <7A1E6A5E-02EC-4DB7-A078-E0BF7F89B70D@mnot.net>
Date: Fri, 26 Sep 2014 04:14:08 +1000
Message-ID: <CAH_y2NFQKQAVVEqtUPB-YJr5Ew-m7AOjvSiarjYedYmhPqO71Q@mail.gmail.com>
From: Greg Wilkins <gregw@intalio.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Jason Greene <jason.greene@redhat.com>, Martin Thomson <martin.thomson@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="047d7bacc1e4492ecf0503e7c479"
Received-SPF: permerror client-ip=74.125.82.47; envelope-from=gregw@intalio.com; helo=mail-wg0-f47.google.com
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: AWL=-3.083, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7
X-W3C-Scan-Sig: maggie.w3.org 1XXDYp-0004Nj-QZ 5c56922a27a9c9b92dd78f023c4bf3f2
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Discussion of 9.2.2
Archived-At: <http://www.w3.org/mid/CAH_y2NFQKQAVVEqtUPB-YJr5Ew-m7AOjvSiarjYedYmhPqO71Q@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/27244
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 26 September 2014 03:56, Mark Nottingham <mnot@mnot.net> wrote:

>
> See recent discussion regarding the language regarding unknown ciphers.
> Please address that proposal (mine or Martin’s).
>
>
please don't exclude my proposal from consideration!   To summaries again:

   - Replace the current allowance for weak h1 ciphers with an explicit
   immutable white list of weak ciphers that can be used for h1 fallback.
   - Update text to say that block and stream ciphers are prohibited for
   h2, but that AEAD and future cipher classes are allowed.

The intent in these proposals is to leave no doubt in the servers
consideration of unknown ciphers. An offered cipher that is not in the h1
white list is h2 acceptable for the client. The server can then apply it's
own acceptability criteria without the need to guess what the client is
actually offering.


cheers




-- 
Greg Wilkins <gregw@intalio.com>
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.

v2.46.0 | Report a Bug | By Email | System Status