IETF Logo Mail Archive

[secdir] Secdir review of draft-ietf-httpbis-http2-encryption-10

Charlie Kaufman <charliekaufman@outlook.com> Wed, 01 March 2017 16:53 UTC

Return-Path: <charliekaufman@outlook.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85EE91294F7; Wed, 1 Mar 2017 08:53:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.019
X-Spam-Level:
X-Spam-Status: No, score=-2.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hI-YzyN1D8MR; Wed, 1 Mar 2017 08:53:36 -0800 (PST)
Received: from SNT004-OMC2S22.hotmail.com (snt004-omc2s22.hotmail.com [65.55.90.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AF0EE1294EB; Wed, 1 Mar 2017 08:53:36 -0800 (PST)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com ([65.55.90.72]) by SNT004-OMC2S22.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008); Wed, 1 Mar 2017 08:53:36 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=F/K6HDJA/SniZuOCLL3XF9JYzN5e16am+gYPXOGJ8WY=; b=rLndWM41r4fXL6RGM5uFMwIdcS1qGv2NdBxFdWeSQA60GjKP7LIALHrdyhB1v5Lc9GJXV3Ik2+Trd8z4TQAs0gy6B8CcKK0ux0fyGjS2e75aBFqfcgeuxgo487EMBheUSX1Cd9Dqxk+ojRpRHBrNYS1xAp3yJKDtebq5iVdwUaDALR58jotTS1irRhIwYUAWY3VjzNOTnMRr+hpJqn8U9IaUQAURxKDkFfmA42fVXkxn6V6kx1OB3jLKJMluS+iKf5fKBZS6PMSy/I5Bc2J3GBk4BhGcJSR1GUtASMewW7CxZmJwgE1guLcdCicn32yGGg/91W+LCnPEm5/x1j4seA==
Received: from SN1NAM02FT052.eop-nam02.prod.protection.outlook.com (10.152.72.53) by SN1NAM02HT220.eop-nam02.prod.protection.outlook.com (10.152.73.241) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.933.11; Wed, 1 Mar 2017 16:53:33 +0000
Received: from CY4PR17MB0997.namprd17.prod.outlook.com (10.152.72.57) by SN1NAM02FT052.mail.protection.outlook.com (10.152.72.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.933.11 via Frontend Transport; Wed, 1 Mar 2017 16:53:33 +0000
Received: from CY4PR17MB0997.namprd17.prod.outlook.com ([10.173.181.7]) by CY4PR17MB0997.namprd17.prod.outlook.com ([10.173.181.7]) with mapi id 15.01.0933.020; Wed, 1 Mar 2017 16:53:32 +0000
From: Charlie Kaufman <charliekaufman@outlook.com>
To: "secdir@ietf.org" <secdir@ietf.org>, 'The IESG' <iesg@ietf.org>, "draft-ietf-httpbis-http2-encryption.all@tools.ietf.org" <draft-ietf-httpbis-http2-encryption.all@tools.ietf.org>
Thread-Topic: Secdir review of draft-ietf-httpbis-http2-encryption-10
Thread-Index: AQHSkqtbbEIIZ0NFOUeTELkryLureA==
Date: Wed, 01 Mar 2017 16:53:32 +0000
Message-ID: <CY4PR17MB0997309E466E776272827771DF290@CY4PR17MB0997.namprd17.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=outlook.com;
x-incomingtopheadermarker: OriginalChecksum:985A0190DB44F194600088C413A2EBE80EE51DEF139C23C7E703A675B361783C; UpperCasedChecksum:F8F31913F01C5E1F7F971096741447D20E0A2351A9CF366F87844A781882E540; SizeAsReceived:7795; Count:37
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [TCqjT2ZL3BETgpDwlBpe6gQE0gPU5AzS]
x-incomingheadercount: 37
x-eopattributedmessage: 0
x-microsoft-exchange-diagnostics: 1; SN1NAM02HT220; 5:ezYvJEP0jGZEhnWmzP7jSaFCihuTVa4CIIpobvtOnnLfRq2eGWLeLD6SmBh+iBCAtjPU8Mf8vkmBpDuyrxsB2Vr/cYlidmP8j0QRmied9t4yUHXheRqaZjN5vF0lZBL0LiDWh0GtN7PgShuJABTosQ==; 24:foYrjQsxDzohQAmY5+OvvRe9rZUV89Y1seGquv74+WfIe3aPrQYSvxJOROypRM5s6MqzIRgrkb4F6KRe3SSCVsIFc56BO8ojWvB7/CWKxOw=; 7:hwHYTeNkGTcPPNo/lq97hPKH/Qs3t81poye7ySFJQCtENP8jqA+80XbCcyGrbi3r7uHhwb2s6RD8fF5nsZm/VXMR+wESOSo65pzUtt21nIXfvhvCCQCY/R0uBYtV4iDW9iifEx3cNQYzCZeu0Q6piJD2IOCw0Nq6cns7/6nhnxx3UzAZnLZ1vBu1Rpm/oMDh4PuVkqeySbvqx0iPnAqZZhvQ+3tGxKzQdY4UYLcRKqP5sEnHKDsZOlnOCQXNnY87Dztrn50RFOZHTCM0/Xbunm1iF0NViKa7tat9y+ZBPogcpzvzkXQ8bqu62F4JWNv5
x-forefront-antispam-report: EFV:NLI; SFV:NSPM; SFS:(10019020)(98900012); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1NAM02HT220; H:CY4PR17MB0997.namprd17.prod.outlook.com; FPR:; SPF:None; LANG:en;
x-ms-office365-filtering-correlation-id: feaa6c27-5b3b-4648-75af-08d460c37eb5
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(201702061074)(5061506573)(5061507331)(1603103135)(201702181095)(1603101448)(1601125254)(1701031045); SRVR:SN1NAM02HT220;
x-ms-exchange-slblob-mailprops: /ntUcd07dac1NOabgpcu/Lf8xO8NWPhltzuPo1XMHrYfJdnYJcb1RhSF8WPRPbyB2hfMRf+P9e0JTD6MiH23NAjksBzuV1+ECCcqy7hzeuj8uQ6mw8DH3mvscctxbzDrc6foacdodiyXJSp5bImbiEDoKqO8HepOA1tpAs3I/wVq8lUa+2DFYvM3Ztfc27cPtayXCabgmXHXplWj4ZpYXNv7v5oHjan/kvFCGIybAkYx557mZV28xmUrNfFQ59+CR4xGFoHQt4h5h1/MCUREVU8D8lpgWLjO6e/FgMzlreHDVu6GlFlBwZThIk0CBV3Qx1Qukes/i1FohXsRvcSjPnioohRgeK415tR6LT4EZATUK/dlBimub6ElDLH+q6aPGLWfMCO0gZNkQYXtOAFdYFsu7/KvjhecEukh02+TvSBDv5ychR37zc2VATCl7J/Ss93VeyL4s5gIPB/yr9henWHmD7li5TdQdojVhqenHxvqS+DqkGV5JF83e4RlJTKBqXM9Kaz6dPUmZ1fmcCwGisRA8fIgtlMZ3mG1PNkJXiagT3Yxg9h5FRnElrMYdwuKosGrr2XFF2+N5f4lzcL6eW4io9mSbTW/iplQECc+Z4p+n45ZuucVgi2izZXPEaIfW5tCUgrtl8JM6vD8gcp8oH71vp6bTv35jOsZjcwyos8Uxmf6XJZmRVI5qUIBo3iGULLZWSc8dBeJuXcpHpBOzfojpKm0HZA3
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(432015087)(444000031); SRVR:SN1NAM02HT220; BCL:0; PCL:0; RULEID:; SRVR:SN1NAM02HT220;
x-forefront-prvs: 0233768B38
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY4PR17MB0997309E466E776272827771DF290CY4PR17MB0997namp_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Mar 2017 16:53:32.4751 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM02HT220
X-OriginalArrivalTime: 01 Mar 2017 16:53:36.0203 (UTC) FILETIME=[5E5821B0:01D292AC]
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/sYT2fCUqHWiY-x1qHmW3Quclt_U>
Subject: [secdir] Secdir review of draft-ietf-httpbis-http2-encryption-10
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Mar 2017 16:53:38 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. Document editors and WG chairs should treat these comments just like any other last call comments.


This document specifies a protocol allowing http servers to announce to clients that they allow http queries over TLS, and for capable clients to optionally retrieve content over TLS. The intent is to protect against passive eavesdropping attacks but to never cause errors due to problems with certificates or non-support of TLS by the origin server. It does not protect against server impersonation because there is no reliable way to learn that the server implements this feature The design uses the alternative service advertisement mechanism specified in RFC7838 and appears (at least to my naïve eyes) consistent with the syntax and spirit of that spec. It includes a number of mechanisms designed to prevent hijacking attacks.



I see no security issues with this document. It claims an intended status of Experimental, which seems surprising. I would expect this to be standards track.



The title of the document: "Opportunistic Security for HTTP" is a little misleading since I expect many in this community would like to see opportunistic encryption for HTTP/1.1, which could not be implemented with this specification. A better title might be "Opportunistic Encryption for HTTP/2".



In general, the document has a long list of rules for when it is OK to do this and when it is not. It would be helpful to readers (and to people working on future revisions) if there were more explanations of why usage is so restricted (i.e., what could go wrong if the restrictions were ignored). I found myself wondering, for example, why server certificates needed to pass all the same restrictions as https when there is no cryptographic protection against server impersonation. I believe the answer is that without that restriction there are scenarios where the feature could make it logistically easier to impersonate a server without modifying DNS responses. But more explanation in the document would have been helpful.



Nits:



Last paragraph of section 1.1, there is an ambiguous antecedent.



Furthermore, this specification is not

intended to replace or offer an alternative to "https", since it both prevents active attacks and invokes a more stringent security model in most clients.



Should be replaced with:



Furthermore, this specification is not

intended to replace or offer an alternative to "https", since https both prevents active attacks and invokes a more stringent security model in most clients.

v2.23.0 | Report a Bug | By Email