Discussion of 9.2.2
Mark Nottingham <mnot@mnot.net> Wed, 24 September 2014 11:21 UTC
We’re burning a lot of cycles on the TLS cipher suite requirements, and producing much heat but little light. Discussion seems to be looping, in part because people either aren’t reading the current spec language, or are drawing the wrong conclusions from it.

The actual requirements there are:

1) HTTP/2 MUST only be used with cipher suites that have ephemeral key exchange [plus details].
2) HTTP MUST NOT be used with cipher suites that use stream or block ciphers.
3) Clients MAY advertise support of cipher suites that are prohibited by the above restrictions in order to allow for connection to servers that do not support HTTP/2.

<http://http2.github.io/http2-spec/#rfc.section.9.2.2>

Further discussion needs to be directly related to this text — if you draw conclusions, please do so by illustrating how THESE requirements will result in an interop problem.

As discussed, the TLS WG has been consulted on the current text; there is not a process problem inherent here. Furthermore, an implementation roadblock in a single platform, while unfortunate, is not grounds for changing the protocol on its own.

That being the case, those who still think we have a problem need to convince the rest of the WG that this is the case — so far, I don’t see that happening.

—

My personal observations (no chair hat):

AIUI, the crux of the purported problem is when a new cipher suite X is introduced, and a client offers it. If the server supports that cipher suite but the HTTP/2 implementation has not decided that it is conformant to these requirements, INADEQUATE_SECURITY will be thrown.

It seems to me that a few editorial changes would help here.

a) Explicitly note that INADEQUATE_SECURITY is thrown in 9.2.2 (it’s implied by 9.2 but let’s be explicit). This should happen regardless.

b) Change the start of #2 above to “HTTP/2”. This should happen regardless.

c) Change #2 above to “HTTP/2 MUST NOT be used with cipher suites that are known to be stream or block ciphers.” This emphasises that it’s a blacklist, not a whitelist, and avoids throwing INADEQUATE_SECURITY when encountering a cipher suite with unknown properties.

Regards,

--
Mark Nottingham
http://www.mnot.net/
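The following is an added illustration, not part of Mark's message or of any HTTP/2 implementation: a small checker that applies the two 9.2.2 requirements quoted above (ephemeral key exchange, no stream or block ciphers) to an IANA-style cipher suite name, and contrasts the "whitelist" reading (an unknown suite triggers INADEQUATE_SECURITY) with the "known to be" blacklist wording proposed in point c). It assumes IANA naming (TLS_<kx>_WITH_<cipher>_<mac>) and a deliberately minimal property table; the NEWCIPHER suite is a constructed stand-in for "new cipher suite X".

```python
from enum import Enum

# Assumed IANA naming: TLS_<key exchange>_WITH_<cipher>_<mac>,
# e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. The tables below are a
# minimal, hand-written subset, not an authoritative registry.

class Verdict(Enum):
    OK = "ok"
    INADEQUATE_SECURITY = "INADEQUATE_SECURITY"  # HTTP/2 error code from 9.2

EPHEMERAL_KX = {"ECDHE", "DHE"}                   # forward-secret key exchange
KNOWN_AEAD = ("GCM", "CCM", "CHACHA20_POLY1305")  # constructions 9.2.2 allows
KNOWN_STREAM_OR_BLOCK = ("CBC", "RC4")            # constructions 9.2.2 forbids

def classify(suite):
    """Return (ephemeral_kx, cipher_kind), kind in aead/stream_or_block/unknown."""
    if "_WITH_" not in suite:
        raise ValueError(f"not an IANA-style cipher suite name: {suite}")
    kx, cipher = suite.split("_WITH_", 1)
    # Token match so static ECDH/DH (no trailing E) is not mistaken for ephemeral.
    ephemeral = any(tok in EPHEMERAL_KX for tok in kx.split("_"))
    if any(tag in cipher for tag in KNOWN_AEAD):
        return ephemeral, "aead"
    if any(tag in cipher for tag in KNOWN_STREAM_OR_BLOCK):
        return ephemeral, "stream_or_block"
    return ephemeral, "unknown"        # e.g. a suite newer than this table

def evaluate(suite, policy="blacklist"):
    """Verdict an HTTP/2 endpoint would give for the negotiated suite.

    policy="whitelist": only suites positively known to be AEAD pass, so a
    suite the implementation has never heard of is rejected (the interop
    scenario in the message). policy="blacklist": the proposed wording,
    rejecting only suites *known* to be stream or block ciphers.
    """
    ephemeral, kind = classify(suite)
    if not ephemeral or kind == "stream_or_block":
        return Verdict.INADEQUATE_SECURITY
    if kind == "unknown" and policy == "whitelist":
        return Verdict.INADEQUATE_SECURITY
    return Verdict.OK

# Constructed sample; the last name is a hypothetical "new cipher suite X".
SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",       # static RSA key exchange
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",    # block cipher (CBC)
    "TLS_ECDHE_RSA_WITH_NEWCIPHER_SHA256",   # hypothetical, unknown to the table
]

if __name__ == "__main__":
    for s in SAMPLE_SUITES:
        print(s, evaluate(s, "whitelist").value, evaluate(s, "blacklist").value)
```

Only the hypothetical unknown suite differs between the two policies, which is the interop case point c) is meant to remove.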