Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

Martin Thomson <martin.thomson@gmail.com> Fri, 05 September 2014 07:28 UTC

From: Martin Thomson <martin.thomson@gmail.com>
To: Greg Wilkins <gregw@intalio.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>

On 4 September 2014 19:12, Greg Wilkins <gregw@intalio.com> wrote:
> Thus I don't have the information available to exclude h2-14 from the
> protocol list on the basis of negotiated cipher.

The server selects both ALPN and cipher suite.

If ALPN is picked first of those two in the OpenJDK implementation,
that's fine, as long as the cipher suite selection is OK.

A client offering "h2" should be including valid choices, so the only
problem is tweaking the suite selection process somehow.  In NSS,
there's a list of supported and enabled suites from which the server
picks the first available.  Ensuring that valid choices appear before
invalid ones will make software like that produce the right outcome.

It looks like OpenJDK does the same based on the order of
preferLocalCipherSuites and getActiveCipherSuites():
  http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/687fd7c7986d/src/share/classes/sun/security/ssl/ServerHandshaker.java#l980

If you have preferLocalCipherSuites off, you should be OK with Firefox
as long as the necessary suites are enabled, but I'd want to turn it
on to avoid problems.  There might need to be some other tweaks to
enable ECDHE; I know that Chromium had some issues when in the server
role for DTLS because it's not on by default in OpenSSL/BoringSSL.

INADEQUATE_SECURITY is there as a backstop, should this process fail.
I don't see any reason why it should be necessary if you are correctly
configured.
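
An added example, not part of the message above and not Jetty or OpenJDK code: one way to put h2-acceptable suites ahead of the others on a Java 8 server and turn on server-preference ordering. Assumptions: "valid" is taken to mean ephemeral (EC)DHE key exchange with a GCM cipher, `SSLParameters.setUseCipherSuitesOrder(true)` is used as the public switch behind `preferLocalCipherSuites`, and `select()` plus the two suite lists in `main` are a constructed model of the first-match selection described.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;

public class H2CipherOrder {
    // Assumption: acceptable for h2 = ephemeral key exchange + AEAD (TLS 1.2 suite names only).
    static boolean acceptableForH2(String suite) {
        boolean ephemeral = suite.startsWith("TLS_ECDHE_") || suite.startsWith("TLS_DHE_");
        return ephemeral && suite.contains("_GCM_");
    }

    // Stable partition: acceptable suites first, relative order otherwise unchanged.
    static String[] validFirst(String[] enabled) {
        List<String> good = new ArrayList<>();
        List<String> rest = new ArrayList<>();
        for (String s : enabled) {
            (acceptableForH2(s) ? good : rest).add(s);
        }
        good.addAll(rest);
        return good.toArray(new String[0]);
    }

    // Model of the selection: walk the preferred side's list, take the first suite both sides have.
    static String select(String[] server, String[] client, boolean preferLocal) {
        List<String> walk = Arrays.asList(preferLocal ? server : client);
        List<String> other = Arrays.asList(preferLocal ? client : server);
        for (String s : walk) {
            if (other.contains(s)) return s;
        }
        return null; // no common suite: the handshake would fail
    }

    public static void main(String[] args) throws Exception {
        // Apply the ordering to a real server-side engine.
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(false);
        SSLParameters params = engine.getSSLParameters();
        params.setCipherSuites(validFirst(params.getCipherSuites()));
        params.setUseCipherSuitesOrder(true); // server order wins over client order
        engine.setSSLParameters(params);
        // Constructed lists: a badly ordered server and a client that lists GCM first.
        String[] server = {"TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"};
        String[] client = {"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA"};
        System.out.println("server order as-is:  " + select(server, client, true));
        System.out.println("server, valid first: " + select(validFirst(server), client, true));
        System.out.println("client order wins:   " + select(server, client, false));
    }
}
```

With server preference on, the unsorted server list selects the CBC suite even though both sides support the GCM one; after `validFirst` the same handshake lands on the GCM suite without relying on the client's ordering.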