Re: New Version Notification for draft-nottingham-http2-encryption-03.txt

"Martin Nilsson" <nilsson@opera.com> Tue, 20 May 2014 22:47 UTC

To: ietf-http-wg@w3.org
Date: Wed, 21 May 2014 00:45:00 +0200
From: Martin Nilsson <nilsson@opera.com>
Organization: Opera Software
Message-ID: <op.xf6j5aubiw9drz@uranium.oslo.osa>
Archived-At: <http://www.w3.org/mid/op.xf6j5aubiw9drz@uranium.oslo.osa>

On Tue, 20 May 2014 18:54:22 +0200, Martin Thomson  
<martin.thomson@gmail.com> wrote:

>
> Maybe there's a case for further highlighting the distinction we want
> to retain, at least at the broadest level of generality: https ==
> secure, http == not.  That is the point of Section 6.1, but I might be
> convinced that repetition of this is necessary.
>

I assume that the set of ciphers you negotiate from would be the same here  
as for https. The performance difference isn't big, and you minimize your  
traffic analysis footprint by not having different TLS parameters for http  
and https URLs. Given this, the only possible difference is the  
certificates, and they will be the same for http as https users of a  
specific site. So in practice there will be no difference between the  
actual connections for http and https in many cases. Should you still not  
show any security indicators in the UI?

/Martin Nilsson
