IETF Logo Mail Archive

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

Simone Bordet <simone.bordet@gmail.com> Tue, 23 September 2014 12:58 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12FDA1A1A27 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 23 Sep 2014 05:58:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.788
X-Spam-Level:
X-Spam-Status: No, score=-7.788 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uKQmTOWt5eEw for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 23 Sep 2014 05:58:21 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D9271A1AAB for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 23 Sep 2014 05:58:21 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XWPch-0008KV-KF for ietf-http-wg-dist@listhub.w3.org; Tue, 23 Sep 2014 12:55:15 +0000
Resent-Date: Tue, 23 Sep 2014 12:55:15 +0000
Resent-Message-Id: <E1XWPch-0008KV-KF@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <simone.bordet@gmail.com>) id 1XWPcH-0006tR-Kh for ietf-http-wg@listhub.w3.org; Tue, 23 Sep 2014 12:54:49 +0000
Received: from mail-we0-f169.google.com ([74.125.82.169]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <simone.bordet@gmail.com>) id 1XWPcF-00046Y-EV for ietf-http-wg@w3.org; Tue, 23 Sep 2014 12:54:49 +0000
Received: by mail-we0-f169.google.com with SMTP id k48so4512732wev.28 for <ietf-http-wg@w3.org>; Tue, 23 Sep 2014 05:54:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=2DZBHMgEeCZyGv/G2+hkss2rDHy58Mp974iiGVJDUfI=; b=FOHs53u7zM3hdq8R94w+RtxfzLIQ9lz3DMqlo68Tlvxomkr11cuvQk4rc45WINqNCD 0F5NuytU6O7xvog79gSlT+zoulhPr4KI+0xP7dSvp68I2hBfJxxcMk0SiB2M01KkXgij e8+pUo1UTw+vLSHzFKHz3Z804fAUp5iNR1N3gdcoEWp13Q/ljKXw5ys81zU55VG1uIMa Q4G+S6ucWKuBs75a65nikXqldM8nozVe9+MppgIPgReq6MPHXSFHS1Rc52ZiGyVL98b0 190BMCRauYhXKQ61HyKz74xflccYmVDdedSrscBLijJf9nvSbt0yxmimHskOsdtc0hYR zwhg==
MIME-Version: 1.0
X-Received: by 10.180.77.200 with SMTP id u8mr23133818wiw.63.1411476860641; Tue, 23 Sep 2014 05:54:20 -0700 (PDT)
Received: by 10.27.49.137 with HTTP; Tue, 23 Sep 2014 05:54:20 -0700 (PDT)
In-Reply-To: <CABcZeBO7YpFjFyjoT8EAqpn6872X_5680ssPmixjypwU+Kp55w@mail.gmail.com>
References: <CAH_y2NF+sP9BmYuD4QbeHpwC_uj67itzaAFCnRVC6f--KDYOgg@mail.gmail.com> <CAFewVt7+UAJYfKAR6DRZi_mqdzSaYw6L-pT1qg=UyOaP1ojhTw@mail.gmail.com> <CAH_y2NEhAEaPiUgi_vX6Oimw+Y-k3WrnL0gJZKPxQ8KZVuFVfw@mail.gmail.com> <CABkgnnU6C+TzJzdeQZhwXucuPUrPh1yyp1cpRd9jSePMjAnONQ@mail.gmail.com> <CAH_y2NH=skUXk0QwCs4uVqWE=iOLhi5K+kvARDUQ7uMeogrw9A@mail.gmail.com> <CABcZeBPvQfkqnPkfzY53RVAHNw0govmp8p8obvp99w8zs4=RKw@mail.gmail.com> <D7B49F55-663F-4005-AD06-7E4057491608@redhat.com> <CABcZeBO8R9NLcwsNNKqPVZexw3duTe5Crneke8T1DOzs4wmBWg@mail.gmail.com> <CAH_y2NH79D61t3gA6HK3UAEgptC4qO2dxS5rKXFUdy__ueP-+w@mail.gmail.com> <FA7FA184-0A14-498D-80EC-B1A5A8C5AC39@mnot.net> <CAH_y2NFb9EYZ+VFbHoDYK46gXRhigjNhxWG+e-NvDn_soNHRog@mail.gmail.com> <CAOdDvNo9KNiuq5_-+h=fXxXc=6_g6EOQTvYUTDUGZdhuevh9UQ@mail.gmail.com> <CAH_y2NEhUjgmsBqJ6StP-=qDkNtDkcH2VWiM6u12epH4ScUVEA@mail.gmail.com> <CABcZeBOi_J37=kR1Pv5LnpppEFE4BdMKDBdJ_-ygG_zdaSA50A@mail.gmail.com> <54215363.6060401@zinks.de> <CABcZeBO7YpFjFyjoT8EAqpn6872X_5680ssPmixjypwU+Kp55w@mail.gmail.com>
Date: Tue, 23 Sep 2014 14:54:20 +0200
Message-ID: <CAFWmRJ18_Bv_nrQzHnjuMMUUoZb=Gi+GKtfPWxtzXGFjMfM0tA@mail.gmail.com>
From: Simone Bordet <simone.bordet@gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Roland Zink <roland@zinks.de>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=74.125.82.169; envelope-from=simone.bordet@gmail.com; helo=mail-we0-f169.google.com
X-W3C-Hub-Spam-Status: No, score=-0.8
X-W3C-Hub-Spam-Report: DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1XWPcF-00046Y-EV a1c22f84667329e2902fd132f1d37e83
X-Original-To: ietf-http-wg@w3.org
Subject: Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem
Archived-At: <http://www.w3.org/mid/CAFWmRJ18_Bv_nrQzHnjuMMUUoZb=Gi+GKtfPWxtzXGFjMfM0tA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/27178
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi,

On Tue, Sep 23, 2014 at 2:23 PM, Eric Rescorla <ekr@rtfm.com> wrote:
> I see what you mean. I think clearly a conformant HTTP client is going to
> need to configure
> the TLS stack to suppress any ciphersuite it doesn't recognize.

How can the client do that if it does not even know what is the
protocol that the server will choose ?
The ciphers that would need to be suppressed for h2 may not need to be
suppressed for h1.
Along the lines reported by Michael Sweet for iOS, I have doubts that
JDK/Android implementations of TLS will offer much in this area, and
if they do it will take years.

>> Now say the API is a bit more elaborated and the TLS library client offer
>> h1 with cipher set C1, h2 with C2 and Pn with C3. Only C1 and C3 contain
>> cipher Cn. The TLS client library does a union of the cipher sets and as Pn
>> is the preferred protocol the Cn is up in the list of ciphers. The server
>> choose h2 and Cn. Now again the client can't continue although it supports
>> h2 and Cn. It even can't continue with h1 as h2 was negotiated with ALPN.
>
> Again, this seems like a "don't do that then" kind of situation.

Can you expand on what you exactly mean here ?
The client has no idea what the server will choose so from the client
point of view everything is legal.
Had the server chosen Pn and Cn, everything would have worked fine, so
how can the client "don't do that" if the server chooses h2 ?

Thanks !

-- 
Simone Bordet
http://bordet.blogspot.com
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz

v2.46.0 | Report a Bug | By Email | System Status