IETF Logo Mail Archive

Re: Discussion of 9.2.2

Greg Wilkins <gregw@intalio.com> Wed, 24 September 2014 17:08 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 058901A024F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 24 Sep 2014 10:08:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.065
X-Spam-Level:
X-Spam-Status: No, score=-7.065 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.786, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L1aTAU3Q5V49 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 24 Sep 2014 10:08:43 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67CA71A0231 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 24 Sep 2014 10:08:05 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XWpzm-0003pw-B3 for ietf-http-wg-dist@listhub.w3.org; Wed, 24 Sep 2014 17:04:50 +0000
Resent-Date: Wed, 24 Sep 2014 17:04:50 +0000
Resent-Message-Id: <E1XWpzm-0003pw-B3@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <gregw@intalio.com>) id 1XWpzM-0003l1-5L for ietf-http-wg@listhub.w3.org; Wed, 24 Sep 2014 17:04:24 +0000
Received: from mail-wi0-f182.google.com ([209.85.212.182]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <gregw@intalio.com>) id 1XWpzG-0006dU-KS for ietf-http-wg@w3.org; Wed, 24 Sep 2014 17:04:24 +0000
Received: by mail-wi0-f182.google.com with SMTP id d1so7748162wiv.3 for <ietf-http-wg@w3.org>; Wed, 24 Sep 2014 10:03:51 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=LDqzpjzSIubdmYurcbQ6ZcqHcSBFdp9FSMdzzJ7IOc0=; b=aP2zrNKGvdcDDoFQdoaqJb5IIf/IpKM1se6nB/AT9HOJ4inUWK1n4sVkvYlxhmXbue 3oZ+cFaF5Yk247kwZAv4Z4tAvG75E/gK9pw5COZ5/ZYry/knTAxYuP/ro+QmYhP/Kshu oVISVSg0ayGTNJgxDWnPqR0tVuGu2umM+i28fRfxZMsLRH1OB66f3R3hlwegT+tS1ktP EwB1DHZ+pbjWbClWUzZFaRhEowZLKez+mHNF/eM0x098GCKz7GR0rEPohulDPUXt/73F 3lvltyJ1B9U4PwZRImlj/XVDL+U3AutI67OQYDNM9DKl7JlUhbEr8h2SCC3dYje5LXH9 mzdQ==
X-Gm-Message-State: ALoCoQkngWJJs3IlyTXxOyaWL5qOZ6QB0KpyLSac3G2IQuwlHKEU5Emwh83g0lVKplvKIDytW+OE
MIME-Version: 1.0
X-Received: by 10.194.60.240 with SMTP id k16mr9384740wjr.109.1411578231581; Wed, 24 Sep 2014 10:03:51 -0700 (PDT)
Received: by 10.194.169.98 with HTTP; Wed, 24 Sep 2014 10:03:51 -0700 (PDT)
In-Reply-To: <F0D4BA2A-46B2-4F1A-8A23-1A319A3E5FC0@mnot.net>
References: <F0D4BA2A-46B2-4F1A-8A23-1A319A3E5FC0@mnot.net>
Date: Thu, 25 Sep 2014 03:03:51 +1000
Message-ID: <CAH_y2NEm8F-BQUPiFUWy-tbVdL3v4RC8Mr8+HcN2Frw-WhF72A@mail.gmail.com>
From: Greg Wilkins <gregw@intalio.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="047d7bacc1e4112de50503d2abed"
Received-SPF: permerror client-ip=209.85.212.182; envelope-from=gregw@intalio.com; helo=mail-wi0-f182.google.com
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: AWL=-3.087, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7
X-W3C-Scan-Sig: maggie.w3.org 1XWpzG-0006dU-KS 99f809d69a289e77251f57d7688dcdd2
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Discussion of 9.2.2
Archived-At: <http://www.w3.org/mid/CAH_y2NEm8F-BQUPiFUWy-tbVdL3v4RC8Mr8+HcN2Frw-WhF72A@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/27222
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Mark,

I am just incredulous that the position adopted appears to be that we know
the fragile handshake will not break in the future because we know how
ciphers will evolve and be deployed in the future.

If the defence of the status quo was not based on such weak foundations or
less intolerant of any change, then perhaps we'd burn less cycles.

the fundamental issue as I see it is that we have designed a fragile
handshake, that if implementations have slightly different interpretations
of 9.2.2 results in communications failure. This was discovered by a real
interop problem albeit from a very poor implementation of 9.2.2 on my
behalf.

So aside from the social argument of should we be doing this or not, I fail
to understand why this WG is rejecting the valid feedback that the
handshake is fragile.     Arguments that are based on predictions of the
evolutions of ciphers for the next few decades to combat the fragility of
the handshake are themselves fragile - no matter how smart the people are
who are making them.

regards










On 24 September 2014 21:17, Mark Nottingham <mnot@mnot.net> wrote:

> We’re burning a lot of cycles on the TLS cipher suite requirements, and
> producing much heat but little light. Discussion seems to be looping, in
> part because people either aren’t reading the current spec language, or are
> drawing the wrong conclusions from it.
>
> The actual requirements there are:
>
> 1) HTTP/2 MUST only be used with cipher suites that have ephemeral key
> exchange [plus details].
> 2) HTTP MUST NOT be used with cipher suites that use stream or block
> ciphers.
> 3) Clients MAY advertise support of cipher suites that are prohibited by
> the above restrictions in order to allow for connection to servers that do
> not support HTTP/2.
>
> <http://http2.github.io/http2-spec/#rfc.section.9.2.2>
>
> Further discussion needs to be directly related to this text — if you draw
> conclusions, please do so by illustrating how THESE requirements will
> result in an interop problem.
>
> As discussed, the TLS WG has been consulted on the current text; there is
> not a process problem inherent here. Furthermore, an implementation
> roadblock in a single platform, while unfortunate, is not grounds for
> changing the protocol on its own.
>
> That being the case, those who still think we have a problem need to
> convince the rest of the WG that this is the case — so far, I don’t see
> that happening.
>
> —
>
> My personal observations (no chair hat):
>
> AIUI, the crux of the purported problem is when a new cipher suite X is
> introduced, and a client offers it. If the server supports that cipher
> suite but the HTTP/2 implementation has not decided that it is conformant
> to these requirements, INADEQUATE_SECURITY will be thrown.
>
> It seems to me that a few editorial changes would help here.
>
> a) Explicitly note that INADEQUATE_SECURITY is thrown in 9.2.2 (it’s
> implied by 9.2 but let’s be explicit). This should happen regardless.
> b) Change the start of #2 above to “HTTP/2”. This should happen regardless.
> c) Change #2 above to “HTTP/2 MUST NOT be used with cipher suites that are
> known to be stream or block ciphers.” This emphasises that it’s a
> blacklist, not a whitelist, and avoids throwing INADEQUATE_SECURITY when
> encountering a cipher suite with unknown properties.
>
> Regards,
>
> --
> Mark Nottingham   http://www.mnot.net/
>
>
>
>
>


-- 
Greg Wilkins <gregw@intalio.com>
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.

v2.46.0 | Report a Bug | By Email | System Status