Re: Port 80 deprecation

Ilari Liusvaara <ilariliusvaara@welho.com> Sat, 05 June 2021 08:10 UTC

On Thu, Jun 03, 2021 at 01:43:24PM +0200, Toerless Eckert wrote:
> Which RFC that is updating RFC8446 is providing null crypto ?

From the IANA registry (despite not having "NULL" in the name, these are
NULL ciphersuites):

    0xC0,0xB4   TLS_SHA256_SHA256  Y N   [draft-camwinget-tls-ts13-macciphersuites]
    0xC0,0xB5   TLS_SHA384_SHA384  Y N   [draft-camwinget-tls-ts13-macciphersuites]

The "Y N" there means: OK for DTLS, Not recommended.

However, these might not deliver the best throughput. If the platform has
SIMD but no hardware SHA-2 acceleration, ChaCha20-Poly1305 likely
delivers better throughput. If the platform has hardware AES-GCM
acceleration, AES-GCM is likely higher throughput regardless of whether
there is hardware SHA-2 acceleration or not (e.g., AMD Zen2 has both,
and AES-GCM is a lot faster).

And then record protection throughput might not be the biggest problem.
Having to do the handshake and deal with possible peer authentication might
cause many more problems at the application level, and NULL ciphers do
nothing for these issues.


-Ilari
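
A defender's check for the naming point in the message above, as an added example that is not part of the original post: it parses the cipher_suites list out of a ClientHello and shows that a filter matching "NULL" in the suite name misses 0xC0B4 and 0xC0B5, while a code-point check catches them. The ClientHello bytes are constructed, the function names are hypothetical, and TLS_RSA_WITH_NULL_SHA256 (0x003B) is included only for contrast.

```python
import struct

# IANA TLS Cipher Suites code points. 0xC0B4/0xC0B5 are the two from the
# message; 0x003B (a TLS 1.2 suite with NULL in its name) is added for contrast.
NAMES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
    0x003B: "TLS_RSA_WITH_NULL_SHA256",
    0xC0B4: "TLS_SHA256_SHA256",
    0xC0B5: "TLS_SHA384_SHA384",
}
NO_ENCRYPTION = {0x003B, 0xC0B4, 0xC0B5}


def offered_suites(record: bytes) -> list:
    """Return the cipher suite code points offered in one ClientHello record."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a complete ClientHello handshake record")
    # Skip record header (5), handshake header (4), legacy_version (2), random (32).
    pos = 43
    pos += 1 + record[pos]                      # legacy_session_id
    if pos + 2 > len(record):
        raise ValueError("truncated before cipher_suites")
    (n,) = struct.unpack_from("!H", record, pos)
    pos += 2
    if n % 2 or pos + n > len(record):
        raise ValueError("bad cipher_suites length")
    return [struct.unpack_from("!H", record, pos + i)[0] for i in range(0, n, 2)]


def audit(record: bytes) -> dict:
    """Compare a name-based NULL filter with a code-point check."""
    suites = offered_suites(record)
    return {
        "name_filter": [s for s in suites if "NULL" in NAMES.get(s, "")],
        "code_point": [s for s in suites if s in NO_ENCRYPTION],
    }


def build_client_hello(suites) -> bytes:
    """Constructed sample: minimal ClientHello with no extensions."""
    cs = b"".join(struct.pack("!H", s) for s in suites)
    body = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", len(cs)) + cs
    body += b"\x01\x00" + b"\x00\x00"           # compression, empty extensions
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs


SAMPLE = build_client_hello([0x1301, 0xC0B4, 0x003B, 0xC0B5])
if __name__ == "__main__":
    for kind, hits in audit(SAMPLE).items():
        print(kind, [NAMES[s] for s in hits])
```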