IETF Logo Mail Archive

Re: Discussion of 9.2.2

Michael Sweet <msweet@apple.com> Fri, 26 September 2014 16:16 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 034191A802B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 26 Sep 2014 09:16:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.578
X-Spam-Level:
X-Spam-Status: No, score=-7.578 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7VHB5D9L3XYy for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 26 Sep 2014 09:16:43 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D0101A8032 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 26 Sep 2014 09:16:31 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XXY9r-0007et-Pr for ietf-http-wg-dist@listhub.w3.org; Fri, 26 Sep 2014 16:14:11 +0000
Resent-Date: Fri, 26 Sep 2014 16:14:11 +0000
Resent-Message-Id: <E1XXY9r-0007et-Pr@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <msweet@apple.com>) id 1XXY9Y-0007QK-U7 for ietf-http-wg@listhub.w3.org; Fri, 26 Sep 2014 16:13:52 +0000
Received: from mail-out5.apple.com ([17.151.62.27] helo=mail-in5.apple.com) by lisa.w3.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <msweet@apple.com>) id 1XXY9X-0005Zc-M5 for ietf-http-wg@w3.org; Fri, 26 Sep 2014 16:13:52 +0000
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s; c=relaxed/simple; q=dns/txt; i=@apple.com; t=1411748004; x=2275661604; h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type: Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-reply-to:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=JR7u484IuXElz1j8HXRjQnAPsfs4fvszhWTI1EgsPnQ=; b=DOIiSvW5BrGrFU6nM2G6Fv/aXl/5iNMRm/7YkTbKGPrIMVIbwM4U8XdKBpneXVTq +fCAACEsiusmKcoR3yfjI/9EkWADJuc+mEVfagJaRXNVuO7YWIl3U7YaOJ5+X1g4 +k4vV7bCH2HeBfxLHGyj5cdciJn+kJ52G8c3r8RPNSCcyy5oJRmVnnzez7wdfrPL 5/4WvejNcnZgM8KBT7LVHDP41P79PyvbklnTwCC24/LZb+c+lKH+G/Ss0541glG7 iUDZnFCZCPiIMIdFXuCheYLUiqWXKDFko+6eoiRs8406l37lNTstam+dcHOn4GE4 TTtpknYyvIYr+euC+sX4xQ==;
Received: from mail-out.apple.com (mail-out.apple.com [17.151.62.49]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by mail-in5.apple.com (Apple Secure Mail Relay) with SMTP id 24.88.24074.4A095245; Fri, 26 Sep 2014 09:13:24 -0700 (PDT)
MIME-version: 1.0
Content-type: text/plain; charset="utf-8"
Received: from relay5.apple.com ([17.128.113.88]) by local.mail-out.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTP id <0NCI009A1NPF5590@local.mail-out.apple.com> for ietf-http-wg@w3.org; Fri, 26 Sep 2014 09:13:24 -0700 (PDT)
X-AuditID: 11973e13-f79326d000005e0a-d5-542590a4fff9
Received: from orrisroot.apple.com (orrisroot.apple.com [17.128.115.106]) (using TLS with cipher RC4-MD5 (128/128 bits)) (Client did not present a certificate) by relay5.apple.com (Apple SCV relay) with SMTP id DD.34.31858.5A095245; Fri, 26 Sep 2014 09:13:25 -0700 (PDT)
Received: from [17.114.158.176] by orrisroot.apple.com (Oracle Communications Messaging Server 7.0.5.30.0 64bit (built Oct 22 2013)) with ESMTPSA id <0NCI0087QNQBUN50@orrisroot.apple.com> for ietf-http-wg@w3.org; Fri, 26 Sep 2014 09:13:24 -0700 (PDT)
From: Michael Sweet <msweet@apple.com>
In-reply-to: <CABcZeBPUihY6-i7EEhWq35=RNA--ZHMqnjkJQnO+_OZkfwoPdQ@mail.gmail.com>
Date: Fri, 26 Sep 2014 09:13:23 -0700
Cc: Jason Greene <jason.greene@redhat.com>, Martin Thomson <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Content-transfer-encoding: quoted-printable
Message-id: <F8A9D418-9DA2-48E9-9CD8-45F86A3B2E30@apple.com>
References: <F0D4BA2A-46B2-4F1A-8A23-1A319A3E5FC0@mnot.net> <CABkgnnWszVer8Y3qgmEQnxNKUhroUEeseC8JkBbGT2P6z3iZxQ@mail.gmail.com> <36736818-C125-4390-841B-94AD76A45EA0@apple.com> <67BE9032-4441-46DE-8929-A25E4FEF3CCF@redhat.com> <CABcZeBPUihY6-i7EEhWq35=RNA--ZHMqnjkJQnO+_OZkfwoPdQ@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
X-Mailer: Apple Mail (2.1985.4)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrLLMWRmVeSWpSXmKPExsUiON3OUHfJBNUQg12XFCwOt8xicmD0ODpv P2sAYxSXTUpqTmZZapG+XQJXxpFrbcwFc5UqNqy/ydrAeE26i5GTQ0LAROLP7hZWCFtM4sK9 9WxdjFwcQgKzmCQWbv/OBJLgFRCU+DH5HksXIwcHs4C6xJQpuXA1f1ZfYYQZtHvrclaIxBQm iaUNc6GcBiaJVxuOM4J0CwsoSLz/rg/SwCagJvF7Uh/YZk6BYInNb9pZQUpYBFQlfjV6gbQy CyxhlPi0bzo7SA2zgLbEk3cXWCEOspFY/bUD6tINTBL/v19mA0mIAM3/9ecEC8RF8hJLL22H uu47q8TK0+wTGEVmIXloFsJDs5CsWMDIvIpRKDcxM0c3M89UL7GgICdVLzk/dxMjJLyFdzCe XmV1iFGAg1GJh/fGOpUQIdbEsuLK3EOM0hwsSuK88VlAIYH0xJLU7NTUgtSi+KLSnNTiQ4xM HJxSDYzxKnmWbo3KVooT3YtcVu/++fbFBA3nbdu5Jl6TejDTruu7nFejn/KUWRY37ybIsj07 tlSTyf1q3mm2KQ/ahNfO3nhBo1nPgrvMKcazuW/tSk95KfVLSWzCdRcE9dLCw4QCd7otZnzc tp0zTcPnwp/cva/ZboQF//iabXfOxebruT/9y13PsCqxFGckGmoxFxUnAgBxZihiUAIAAA==
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrCLMWRmVeSWpSXmKPExsUi2FCcpbt0gmqIwdX9QhaHW2YxOTB6HJ23 nzWAMYrLJiU1J7MstUjfLoEr48i1NuaCuUoVG9bfZG1gvCbdxcjJISFgIrF763JWCFtM4sK9 9WxdjFwcQgJTmCRWXDrECuE0MEm82nCcsYuRg0NYQEHi/Xd9kAZeAQOJqyfeg4WZBdQlpkzJ BQmzCahJ/J7UBzaTUyBYYvObdlaQEhYBVYlfjV4gE5kFljBKfNo3nR2khllAW+LJuwusECNt JFZ/7YC6YQOTxP/vl9lAEiJAa3/9OcECcai8xNJL2xknMArMQnLGLIQzZiEZu4CReRWjQFFq TmKlqV5iQUFOql5yfu4mRnDYFUbsYPy/zOoQowAHoxIP7811KiFCrIllxZW5hxglOJiVRHgl q1VDhHhTEiurUovy44tKc1KLDzFKc7AoifN+LweqFkhPLEnNTk0tSC2CyTJxcEo1MC4xfMsg 4CuirJ31tGfBv2zGJOm5pwp+XmE47nRqXqG+ZXHlppCra9T2LPTZrHDi0N3Z8QmPL5Xtjcxo kelYPvdrbhjbUxUDowX3it8z3JAQM2y8ojDlDMu2rYHGCuJzXH6pJh32Vju8+vGSx29fX5F+ EOgc1Co76fVP+/vcgmvecuv/mPO9d6cSS3FGoqEWc1FxIgDkhsTCNwIAAA==
Received-SPF: pass client-ip=17.151.62.27; envelope-from=msweet@apple.com; helo=mail-in5.apple.com
X-W3C-Hub-Spam-Status: No, score=-2.9
X-W3C-Hub-Spam-Report: DKIM_SIGNED=0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.703, SPF_PASS=-0.001, T_DKIM_INVALID=0.01
X-W3C-Scan-Sig: lisa.w3.org 1XXY9X-0005Zc-M5 282ea8eaf5edb5db7c9df36d22d01e12
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Discussion of 9.2.2
Archived-At: <http://www.w3.org/mid/F8A9D418-9DA2-48E9-9CD8-45F86A3B2E30@apple.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/27269
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Eric,

If you have a multi-protocol client that opportunistically uses HTTP/2 (which will likely be the case for a very long time for any web browser at least), then you can't simply require TLS/1.2 or omit non-HTTP/2 cipher suites from negotiation because that will cause existing HTTP/1.1 (and SPDY) servers to stop working if they don't support the specific TLS/1.2 ciphers or cannot negotiate TLS/1.2 at all.

So that leaves clients in the position of asking for h2 without HTTP/2 specific ciphers and then verifying the cipher suite and protocol version (>= TLS/1.2) are good after the session is established.

On the server side you are in a similar situation - if you are unable to influence the negotiation of cipher suites based on ALPN protocol (and I know I can't with any of the libraries I use, and only a few have a notion of preferred ciphers that might help in general) then you have to add "oops" code that tells the client to go away after the session is established with an unsupported cipher suite or protocol version.

We can't simply look at this as a "negotiating HTTP/2 over TLS" problem.  HTTP/2 has to interoperate with the existing web.


> On Sep 26, 2014, at 8:09 AM, Eric Rescorla <ekr@rtfm.com> wrote:
> 
> 
> On Fri, Sep 26, 2014 at 7:55 AM, Jason Greene <jason.greene@redhat.com> wrote:
> Has there been any discussion and buy-in with the major TLS implementers (OpenSSL, LibreSSL, Microsoft, NSS, etc) about the need to provide a characteristic-based priority and introspection API that also allows for different policies per TLS version?
> 
> According to Michaels investigation it looks like all of them fall short of this.
> 
> As I indicated previously, NSS provides the necessary introspection API.
> 
> http://lists.w3.org/Archives/Public/ietf-http-wg/2014JulSep/2296.html
> 
> You don't need a priority API to correctly implement these requirements, nor
> do you need one that provides differential requirements for different TLS
> versions (other than the ones that are encoded in the TLS specifications
> and implemented by the library).
> 
> -Ekr
> 
>  
> At a minimum we should at least have a commitment that a complete solution meeting the needs of future ciphers, legacy compatibility, and the rules of 9.2.2 will even be possible. While this still falls short of “working code”, there is at least a chance that it can be implemented without breaking standard industry usage patterns.
> 
> On Sep 26, 2014, at 7:17 AM, Michael Sweet <msweet@apple.com> wrote:
> 
> > I think the lead-in paragraph (everything below only applies to TLS 1.2) is confusing when the first item after it then says "this isn't just limited to TLS 1.2".  Since all of the others are now explicitly TLS 1.2 requirements you can probably drop that lead-in paragraph to avoid the confusion...
> >
> > And FWIW I still have no interoperable way to implement these restrictions in a client or server that supports both HTTP/1.1 and HTTP/2 with the current TLS libraries, so I'll have to use the sub-optimal negotiate-and-then-give-up-forcing-a-new-connection approach if I want to enforce the 9.2.2 cipher suite and minimum TLS version requirements.
> >
> >> On Sep 26, 2014, at 1:08 AM, Martin Thomson <martin.thomson@gmail.com> wrote:
> >>
> >> On 24 September 2014 12:17, Mark Nottingham <mnot@mnot.net> wrote:
> >>> <http://http2.github.io/http2-spec/#rfc.section.9.2.2>
> >>
> >> I've updated my pull request on this subject.  There are a few
> >> editorial changes in the mix, but the commit log shows exactly what
> >> changes are involved:
> >>
> >> https://github.com/http2/http2-spec/pull/615
> >>
> >> I believe that these changes resolve the issues people have raised.
> >> That is, other than the one which states we shouldn't have this
> >> section at all.
> >>
> >
> > _________________________________________________________
> > Michael Sweet, Senior Printing System Engineer, PWG Chair
> >
> >
> 
> --
> Jason T. Greene
> WildFly Lead / JBoss EAP Platform Architect
> JBoss, a division of Red Hat
> 
> 

_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair

v2.46.0 | Report a Bug | By Email | System Status