Re: Stephen Farrell's No Objection on draft-ietf-httpbis-alt-svc-12: (with COMMENT)
Mark Nottingham <mnot@mnot.net> Wed, 02 March 2016 23:19 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78F841B346F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 2 Mar 2016 15:19:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.908
X-Spam-Level:
X-Spam-Status: No, score=-6.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.006, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LakphaNuFoj8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 2 Mar 2016 15:19:12 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A1481B346D for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 2 Mar 2016 15:19:11 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1abFxw-0000ZQ-Hu for ietf-http-wg-dist@listhub.w3.org; Wed, 02 Mar 2016 23:14:00 +0000
Resent-Date: Wed, 02 Mar 2016 23:14:00 +0000
Resent-Message-Id: <E1abFxw-0000ZQ-Hu@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1abFxr-0000Yf-2z for ietf-http-wg@listhub.w3.org; Wed, 02 Mar 2016 23:13:55 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by lisa.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1abFxp-00073V-Hs for ietf-http-wg@w3.org; Wed, 02 Mar 2016 23:13:54 +0000
Received: from [192.168.1.101] (unknown [120.149.194.112]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 8BA1A22E261; Wed, 2 Mar 2016 18:13:24 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <20160301122415.25221.56881.idtracker@ietfa.amsl.com>
Date: Thu, 03 Mar 2016 10:13:22 +1100
Cc: The IESG <iesg@ietf.org>, Mike Bishop <michael.bishop@microsoft.com>, HTTP WG <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <FAC27A79-D409-4665-A9AA-BA362B99B425@mnot.net>
References: <20160301122415.25221.56881.idtracker@ietfa.amsl.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.3112)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-8.2
X-W3C-Hub-Spam-Report: AWL=1.359, BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1abFxp-00073V-Hs ef382049c7b1c39321cc17051c1dfa4a
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Stephen Farrell's No Objection on draft-ietf-httpbis-alt-svc-12: (with COMMENT)
Archived-At: <http://www.w3.org/mid/FAC27A79-D409-4665-A9AA-BA362B99B425@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31155
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Stephen, > - If TLS1.3 continues to have 0rtt replayable early-data, > could that interact badly with Alt-Svc? Or what about > false-start? For example, if such a combination meant that an > otherwise functional replay detection scheme would fail to > spot a replay that would be bad. This is not a DISCUSS, as > neither TLS1.3 nor false-start are formally "done" so blocking > this for that reason would be "odd";-) However, both are > implemented or will be, so I would love to chat about it and > that might lead to some new security considerations text, here > or in a TLS document. I don't think there's any interaction, because an Alt-Svc is "just another HTTP connection" as far as replay goes; of course one still needs to be mindful of not using it for things like POST. > - Does this still all work for opportunistic security for > HTTP? If not, why not? Note: I'm not asking if the WG have > reached consensus on oppo, rather I'd like to be reassured > that if they do, this will still work for that. I think that's > all ok, though, right? It is still the basis, yes. > - section 3: with "clear" you say alternatives are to be > invalidated. Does that mean anything about cached resources? I > assume not, but just checking. No, they're completely separate. > - section 5: I wondered why you didn't include the ALPN > identifier here? That didn't come up. Generally, it's because the alternative hostname isn't available to the server (thanks to DNS), whereas the negotiated protocol generally is. I say "generally" because the scope of the ALPN identifier is somewhat fuzzy, and some have talked about using it to indicate out-of-band information (e.g., whether certs are checked). I'd be interested to hear what WG members think about this -- do we need to include this? Arguably, it would be more useful than knowing what the port is (information that the server *does* have). > - 9.2: What does "might also choose" mean and which "other > requirements" have you in mind? That's very vague. Browsers can -- and do -- add other checks to certificates, and this gives them wiggle-room to do so. This might be CT as it's not required now, it might be a browser-specific blacklist based upon its own data, it might be additional limits on validity periods, it might be Perspectives or a similar approach, etc. > - 9.5: What are you telling me with the last para? This? """ When the protocol does not explicitly carry the scheme (as is usually the case for HTTP/1.1 over TLS), servers can mitigate this risk by either assuming that all requests have an insecure context, or by refraining from advertising alternative services for insecure schemes (for example, HTTP). """ -- Mark Nottingham https://www.mnot.net/
- Stephen Farrell's No Objection on draft-ietf-http… Stephen Farrell
- Re: Stephen Farrell's No Objection on draft-ietf-… Mark Nottingham
- Re: Stephen Farrell's No Objection on draft-ietf-… Stephen Farrell
- Re: Stephen Farrell's No Objection on draft-ietf-… Patrick McManus
- Re: Stephen Farrell's No Objection on draft-ietf-… Erik Nygren
- Re: Stephen Farrell's No Objection on draft-ietf-… Mark Nottingham
- Re: Stephen Farrell's No Objection on draft-ietf-… Martin Thomson