Re: New Version Notification for draft-nottingham-http2-encryption-03.txt

Paul Hoffman <paul.hoffman@gmail.com> Tue, 20 May 2014 15:29 UTC

From: Paul Hoffman <paul.hoffman@gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>, Martin Thomson <martin.thomson@gmail.com>

The new material on what might be called "alternate service pinning" has
the advantages and faults of any of the security pinning protocols that the
IETF makes. Please note how tortured the key pinning discussion in the
websec WG has become; there is no reason why alternate service pinning will
be any easier. This isn't to say that you shouldn't do it, just that you
should expect it to be a protracted and sometimes circular discussion full
of "but what if; so the protocol now has to".

Separately, the text in Section 4 concerns me because it seems easy to
mis-implement. That is, the API flag that says "this connection is/isn't
running under authenticated TLS" becomes critical; it is even more
important than the API flag for "this connection is/isn't running under
TLS".  Please consider calling this out more strongly in Section 4, and add
it to the Security Considerations. Encouraging developers to have a unit
test for "start a connection with unauthenticated TLS and then try to
request an https: resource and make sure that fails".

--Paul Hoffman
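
The unit test suggested in the message above, sketched as an added example that is not part of the original mail or of the draft. The `Connection` handle, its two flags and the policy functions are hypothetical names; `authenticated_for` is an assumed way of representing the "authenticated TLS" flag as the host the certificate was validated for.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Connection:
    # Hypothetical connection handle exposing the two flags from the mail.
    tls: bool                         # running under TLS at all
    authenticated_for: Optional[str]  # host the certificate was validated for, else None


class RequestRefused(Exception):
    pass


def may_carry_tls_only(conn, url):
    # Mis-implementation: consults only the "is TLS" flag for https: URLs.
    return urlsplit(url).scheme != "https" or conn.tls


def may_carry(conn, url):
    # Correct check: https: needs TLS authenticated for the URL's own host.
    parts = urlsplit(url)
    if parts.scheme == "http":
        return True
    if parts.scheme == "https":
        return conn.tls and conn.authenticated_for == parts.hostname
    return False


def send(conn, url, policy=may_carry):
    if not policy(conn, url):
        raise RequestRefused(url)
    return "sent " + url  # stand-in for real I/O


def https_refused_on_unauthenticated_tls(policy):
    # The unit test from the mail: True means the https: request failed as it must.
    conn = Connection(tls=True, authenticated_for=None)  # constructed sample
    try:
        send(conn, "https://example.com/account", policy)
    except RequestRefused:
        return True
    return False


if __name__ == "__main__":
    print("correct policy passes:", https_refused_on_unauthenticated_tls(may_carry))
    print("TLS-only policy passes:", https_refused_on_unauthenticated_tls(may_carry_tls_only))
```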