Re: http2 opportunistic security negotiation
Erik Nygren <erik@nygren.org> Tue, 10 February 2015 23:17 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F9EF1A8757 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 10 Feb 2015 15:17:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.289
X-Spam-Level:
X-Spam-Status: No, score=-6.289 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7prZbhveQ1xf for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 10 Feb 2015 15:17:44 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 511661A8756 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 10 Feb 2015 15:17:44 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1YLK0z-0003vi-Gj for ietf-http-wg-dist@listhub.w3.org; Tue, 10 Feb 2015 23:14:45 +0000
Resent-Date: Tue, 10 Feb 2015 23:14:45 +0000
Resent-Message-Id: <E1YLK0z-0003vi-Gj@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.80) (envelope-from <nygren@gmail.com>) id 1YLK0t-0003ux-Lo for ietf-http-wg@listhub.w3.org; Tue, 10 Feb 2015 23:14:39 +0000
Received: from mail-qa0-f53.google.com ([209.85.216.53]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <nygren@gmail.com>) id 1YLK0s-00045K-HH for ietf-http-wg@w3.org; Tue, 10 Feb 2015 23:14:39 +0000
Received: by mail-qa0-f53.google.com with SMTP id k15so24575qaq.12 for <ietf-http-wg@w3.org>; Tue, 10 Feb 2015 15:14:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=SqTjUsoiCRFb4eXUop6zt6nnk6nEIHMrE9EPs4C6fzw=; b=OVDWsOE3DTmxPRHMPc/m20MGKl1ZdLd1qEjN6IPnbM6QsONAZHvd95mf6GiG0G/m+J jcTEwHdXObxEEHPyklCocyvM9wi34KFr+OhbBqLa0FJavr7Xo/PJQ7NHrKsU3esn3yTt zzqVZJ9HQ/aP5HZfQFgiMxAkuuecFT9BeGHSEsKi3/JtR8Lj4tDzRO+CQYFKwS5BvGMV DPrBCkgkhxOTsDEg2+LWf/2tPxXUBJG8Eye1/YzNPyecxoaGf98Ab5C1Tw5c/Hz+DoAz Eems98FgdcP1u2YIrK7yZzxt2/s0yA06fjwTqI1zuoLDWK1fWL2qjvWkkaJyqlVbb+xQ u/GA==
MIME-Version: 1.0
X-Received: by 10.229.248.138 with SMTP id mg10mr58862513qcb.29.1423610052535; Tue, 10 Feb 2015 15:14:12 -0800 (PST)
Sender: nygren@gmail.com
Received: by 10.140.84.47 with HTTP; Tue, 10 Feb 2015 15:14:12 -0800 (PST)
In-Reply-To: <CAOdDvNryHpJ=GR2GJn3pxcL+FRVDKLJSs38wYd5wFUvGy3x3Eg@mail.gmail.com>
References: <CAKC-DJhOm-4AqfvsdvTL1NBn1kauTBcsah8MBhushsS=5Ods=A@mail.gmail.com> <CAOdDvNryHpJ=GR2GJn3pxcL+FRVDKLJSs38wYd5wFUvGy3x3Eg@mail.gmail.com>
Date: Tue, 10 Feb 2015 18:14:12 -0500
X-Google-Sender-Auth: Ub8_2BafBLtGn4SvlpPqZldSt58
Message-ID: <CAKC-DJgZE=xRqRXnO70NSV4_Mstad36czXSe5pugXwD0p0HMvA@mail.gmail.com>
From: Erik Nygren <erik@nygren.org>
To: Patrick McManus <pmcmanus@mozilla.com>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a1135f9027aec74050ec40b2f"
Received-SPF: pass client-ip=209.85.216.53; envelope-from=nygren@gmail.com; helo=mail-qa0-f53.google.com
X-W3C-Hub-Spam-Status: No, score=-3.3
X-W3C-Hub-Spam-Report: AWL=-2.642, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001
X-W3C-Scan-Sig: lisa.w3.org 1YLK0s-00045K-HH 758d3ac6a6dd70b25e9b6ec12929462b
X-Original-To: ietf-http-wg@w3.org
Subject: Re: http2 opportunistic security negotiation
Archived-At: <http://www.w3.org/mid/CAKC-DJgZE=xRqRXnO70NSV4_Mstad36czXSe5pugXwD0p0HMvA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/28797
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
The two motivations for OE are to 1) help HTTP/2 deployment for HTTP-scheme
sites by getting around meddlesome middle-boxes, while 2) also providing a
tiny bit of protection against pervasive monitoring. In both cases, the
closer the traffic is to HTTPS traffic (port 443) the more likely it is to
make it through and work without interference. Both argue for using port
443 with a handshake where at least the ClientHello is indistinguishable
between a true HTTPS request and an OE HTTP request.
The "cleanest" solution would just be to give OE for HTTP/2 its own ALPN
token such that it is explicitly negotiated where you only send that token
in your ClientHello. This would help for #1 but is not ideal for #2. On
the other hand, there are some many attack vectors for #2 that it seems
more worthwhile to make sure #1 works well while raising the bar a little
for #2 where possible.
Erik
On Tue, Feb 10, 2015 at 5:47 PM, Patrick McManus <pmcmanus@mozilla.com>
wrote:
> I might be under-thinking this one.... but it occurs to me its possible to
> not put the tls version of the site on 443 if there is no https://
> version of the site.. oe doesn't require a particular port number and 443
> seems like the wrong choice if https:// isn't available. too simplistic?
>
> On Thu, Feb 5, 2015 at 10:08 AM, Erik Nygren <erik@nygren.org> wrote:
>
>> While digging further into server-side implementation details of the
>> current opportunistic security draft, we identified a user experience
>> problem. In particular, for a site that has Virtual Hosts which are
>> HTTP-only (ie, there is no valid certificate for them), there is no way in
>> the current proposal to both support Opportunistic Security (negotiate h2
>> for http scheme over TLS without a necessarily valid certificate) without
>> also giving users accidentally typing in https URIs a certificate mismatch
>> interstitial they'd be prompted to click through.
>>
>
>
>
- Re: http2 opportunistic security negotiation Eric Rescorla
- Re: http2 opportunistic security negotiation Erik Nygren
- Re: http2 opportunistic security negotiation Ilari Liusvaara
- Re: http2 opportunistic security negotiation Martin Thomson
- http2 opportunistic security negotiation Erik Nygren
- Re: http2 opportunistic security negotiation Ilari Liusvaara
- Re: http2 opportunistic security negotiation Patrick McManus
- Re: http2 opportunistic security negotiation Erik Nygren
- Re: http2 opportunistic security negotiation Patrick McManus
- Re: http2 opportunistic security negotiation Patrick McManus