IETF Logo Mail Archive

Re: Discussion of 9.2.2

Michael Sweet <msweet@apple.com> Thu, 25 September 2014 17:09 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90A1E1A872F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Sep 2014 10:09:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.578
X-Spam-Level:
X-Spam-Status: No, score=-7.578 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WOzpGV72q7Q3 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 25 Sep 2014 10:09:41 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58CC71A872C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 25 Sep 2014 10:09:41 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XXCWJ-0000iR-J7 for ietf-http-wg-dist@listhub.w3.org; Thu, 25 Sep 2014 17:07:55 +0000
Resent-Date: Thu, 25 Sep 2014 17:07:55 +0000
Resent-Message-Id: <E1XXCWJ-0000iR-J7@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <msweet@apple.com>) id 1XXCW1-0000dE-3V for ietf-http-wg@listhub.w3.org; Thu, 25 Sep 2014 17:07:37 +0000
Received: from mail-out7.apple.com ([17.151.62.29] helo=mail-in7.apple.com) by maggie.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <msweet@apple.com>) id 1XXCVz-0001c6-A4 for ietf-http-wg@w3.org; Thu, 25 Sep 2014 17:07:37 +0000
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s; c=relaxed/simple; q=dns/txt; i=@apple.com; t=1411664826; x=2275578426; h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type: Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-reply-to:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=QNUXorCiuIYr21wirKO761XjzcCQcpRWhIshPLgM2BY=; b=l5nR8PYGUbgmLcz8LbUaZGVWYaN5DpKnRP8rY5eiqJW2/mNxO3HYhIqIj5gpus39 hccAbN35NTfErNljFlm8NwvBMf//yJqapvlxD9vdsasYB6z9ALbI71XaYVhYhREk kmv+deh6Xc1NX1YZr+mFLiNP4C2DKYFltLGi4xpJ86iZkGlMgRY2TvA0nUqrXNwD jyraf3HKtrO0MuJkg2UZQ19b8LYSjUx/5wElJgrD6Dy32LaV9fUPkdBdazP/9sRC PtXZjcGsAbT0exBM3Ht+gMfMQ0zaD5TZOpQKDMvNjTQNTcf+DJhuF07897vzfcTZ Gbexyl2394i10qD7+9Njbg==;
Received: from mail-out.apple.com (honeycrisp.apple.com [17.151.62.51]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by mail-in7.apple.com (Apple Secure Mail Relay) with SMTP id 33.3E.31401.ABB44245; Thu, 25 Sep 2014 10:07:06 -0700 (PDT)
MIME-version: 1.0
Content-type: text/plain; charset="utf-8"
Received: from relay4.apple.com ([17.128.113.87]) by local.mail-out.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTP id <0NCG00LFDVIRMZC0@local.mail-out.apple.com> for ietf-http-wg@w3.org; Thu, 25 Sep 2014 10:07:06 -0700 (PDT)
X-AuditID: 11973e16-f793b6d000007aa9-56-54244bbac8e5
Received: from orrisroot.apple.com (orrisroot.apple.com [17.128.115.106]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by relay4.apple.com (Apple SCV relay) with SMTP id 43.1F.03493.2CB44245; Thu, 25 Sep 2014 10:07:14 -0700 (PDT)
Received: from da0704a-dhcp165.apple.com ([17.197.43.165]) by orrisroot.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTPSA id <0NCG006HUVJUVO90@orrisroot.apple.com> for ietf-http-wg@w3.org; Thu, 25 Sep 2014 10:07:06 -0700 (PDT)
From: Michael Sweet <msweet@apple.com>
In-reply-to: <CAH_y2NFu=kyTVK_neACEVyWp9m4wfLOUu-=Dc9nZoMhP+fNSsg@mail.gmail.com>
Date: Thu, 25 Sep 2014 10:07:05 -0700
Cc: Martin Thomson <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Content-transfer-encoding: quoted-printable
Message-id: <E5889731-AEA4-4F82-809E-0B911F7570F8@apple.com>
References: <F0D4BA2A-46B2-4F1A-8A23-1A319A3E5FC0@mnot.net> <CABkgnnV0HFeshNAe9CAzFDeED6Os_GmG6kxm827N18wduCkjiA@mail.gmail.com> <CAH_y2NFu=kyTVK_neACEVyWp9m4wfLOUu-=Dc9nZoMhP+fNSsg@mail.gmail.com>
To: Greg Wilkins <gregw@intalio.com>
X-Mailer: Apple Mail (2.1985.4)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrHLMWRmVeSWpSXmKPExsUiON3OWHeXt0qIwe1vBhaHW2YxOTB6HJ23 nzWAMYrLJiU1J7MstUjfLoErY3rHataCLrGK6739zA2MPwS7GDk5JARMJLr3L2WFsMUkLtxb z9bFyMUhJDCHSWLV27/MIAleAUGJH5PvsXQxcnAwC6hLTJmSC1Ezi0liy8zrzDCDpt9eBNU8 hUli1/1eKGcuk8TTqevYQbqFBRQk3n/XB2lgE1CT+D2pD2wzp0CwxJWVr1hAbBYBVYmrxxvA hjILVEk0du2BsrUlnry7wApxkI3EqusLWCHmn2SU2Ld2F1iziICKxLtnR6EukpdYemk7I0iR hMB7VomFty6zT2AUmYXko1kIH81CsmMBI/MqRqHcxMwc3cw8c73EgoKcVL3k/NxNjJAAF9vB +HCV1SFGAQ5GJR5eD3/lECHWxLLiytxDjNIcLErivFwqKiFCAumJJanZqakFqUXxRaU5qcWH GJk4OKUaGNVczNdannf6WzilQn/eJM9N6rMi/r+/0c1yJ7id/+ed2LZFKx6eP7X1SUH01DOr ZaTjf8jz3eVWyXE9Vj5n7rRPzxa2tW1Yddd2ceLN/ZMP1rX9T9Vq37bvw/zFkqJFlaXLA37L v99q5m3XfeZy3cd5fFtSkhdWS64tbd3/6pLfEr3NYk6H5nUpsRRnJBpqMRcVJwIAaOAELlEC AAA=
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrCLMWRmVeSWpSXmKPExsUi2FCcpXvIWyXEYMFcaYvDLbOYHBg9js7b zxrAGMVlk5Kak1mWWqRvl8CVMb1jNWtBl1jF9d5+5gbGH4JdjJwcEgImEtNvL2KDsMUkLtxb D2RzcQgJTGGS2DatmwXCmcsk8XTqOvYuRg4OYQEFifff9UEaeAUMJK6eeM8IEmYWUJeYMiUX JMwmoCbxe1IfK4jNKRAscWXlKxYQm0VAVeLq8QZmEJtZoEqisWsPlK0t8eTdBVaIkTYSq64v YIVYe5JRYt/aXWDNIgIqEu+eHWWGOFReYuml7YwTGAVmITljFsIZs5CMXcDIvIpRoCg1J7HS RC+xoCAnVS85P3cTIzjsCsN3MP5bZnWIUYCDUYmH18NfOUSINbGsuDL3EKMEB7OSCC+HvkqI EG9KYmVValF+fFFpTmrxIUZpDhYlcV6uuUDVAumJJanZqakFqUUwWSYOTqkGxmUH9ods+Piy M3SjdEWI78lXOiVLxMvvy4UuWfqvuD1zoqFL08RnrnaMGz1NBdfZTM9dVc60pzm7uHTp/bmb eL3U5rYIpArO4Vgra/LHX2VO1aEtH34F7Nfo2PTB4BtLeqjykxMcSQwn8l+piO/dv2M/H+fe mH37+b/NeBlTmH9bVkzvGofRJiWW4oxEQy3mouJEAAP86qM3AgAA
Received-SPF: pass client-ip=17.151.62.29; envelope-from=msweet@apple.com; helo=mail-in7.apple.com
X-W3C-Hub-Spam-Status: No, score=-2.9
X-W3C-Hub-Spam-Report: DKIM_SIGNED=0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.735, SPF_PASS=-0.001, T_DKIM_INVALID=0.01
X-W3C-Scan-Sig: maggie.w3.org 1XXCVz-0001c6-A4 2b0b3b30a81ace097b1733d04ea633df
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Discussion of 9.2.2
Archived-At: <http://www.w3.org/mid/E5889731-AEA4-4F82-809E-0B911F7570F8@apple.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/27238
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

> On Sep 25, 2014, at 9:10 AM, Greg Wilkins <gregw@intalio.com> wrote:
> ...
> 	• Implementations that do not have direct access to the properties of a cipher will still probably resort to black/white listing of h2 acceptable ciphers.   It will be impossible to prevent such configuration breaking your rule d), however having such a configuration will at least reduce the barrier to introducing new ciphers...  So INADEQUATE_SECURITY can still occur if such configurations are over zealously updated in contradiction to 9.2.2

This is a serious concern.  SecureTransport does not provide a "properties" API and has no way to specify priority or preference for cipher suites.  So unless I want to limit myself to servers that support HTTP/2-compatible cipher suites (I can't realistically do this), I will need to simply hope that the server will do the right thing or close my client-side connection if it doesn't.

GNU TLS has a notion of priority strings [1], and could potentially support a HTTP2 priority string, but there doesn't appear to be any way to match things up to the 9.2.2 text without resorting to specifying a whitelist.  (at least there you can specify an explicit priority order for cipher suites).

OpenSSL has a similar notion of cipher strings [2], although I'm not certain that you could define a cipher string that matches 9.2.2 and allows future algorithms.

Microsoft's sChannel APIs *may* be able to specify priority (I'm just not sure reading the documentation), but there is definitely no way to pick cipher suites based on properties - you have to specify lists of cipher suites using constants that MS provides.

Based on other posts we know that Java and NSS have similar issues with cipher suite selection and priorities.

I understand the desire to set a higher bar for security, but I just don't see how it can be implemented today without causing problems as soon as a new version of TLS or a new cipher suite is deployed.  Requiring a HTTP/2 implementation to make decisions about TLS cipher suite selection puts TLS interoperability at risk by developers that lack the necessary background or infrastructure (i.e. APIs) to implement it correctly, and that will just hurt adoption and long term use of HTTP/2.

Require TLS 1.2, recommend TLS BCPs, but please don't try to define a profile that is restricted to a version of HTTP that uses the same ports and ostensibly is supposed to work along side older versions of the protocol.

[1] http://www.gnutls.org/manual/gnutls.html#Priority-Strings
[2] http://www.openssl.org/docs/apps/ciphers.html

_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair

v2.46.0 | Report a Bug | By Email | System Status