Re: [TLS] A new consensus call on ALPN vs NPN (was ALPN concerns)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 10 December 2013 22:19 UTC

Message-ID: <52A7935E.5020906@cs.tcd.ie>
Date: Tue, 10 Dec 2013 22:19:10 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, Brian Smith <brian@briansmith.org>, "<tls@ietf.org>" <tls@ietf.org>
References: <CAFewVt7SS9ud8J=6VtR-Zv-9bhaTHEnjT8XD+ULaRSVUkYftaQ@mail.gmail.com> <52A77DB4.7020501@gmx.net>
In-Reply-To: <52A77DB4.7020501@gmx.net>

On 12/10/2013 08:46 PM, Hannes Tschofenig wrote:
> 
> On 12/09/2013 03:22 PM, Brian Smith wrote:
>> I think we should re-evaluate whether we
>> still have consensus on moving forward with recommending ALPN as the
>> protocol negotiation mechanism to be used in TLS and specifically in
>> HTTP/2.
> 
> +1
> 
> I was in the room and I recall the discussions. I went to the microphone
> and expressed my excitement about the fact that privacy-related topics
> were discussed in the TLS working group (given that privacy wasn't an
> issue previously) and the response was "This has nothing to do with
> privacy.".
> 
> Luckily we know much better now (or at least some people do).

(no hats as usual)

FWIW, I agree with you in general, but in this case the privacy
leak is non-existent if it's only HTTP/1.1 vs HTTP/2.0 - since
the binary encoding and lack of head-of-line blocking in the
latter will give that game away anyway.

I'd say focusing on tls1.3 and any privacy gains there is better
than diverting effort to NPN to be honest.

S.

> 
> Ciao
> Hannes
> 
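For readers following the ALPN vs NPN privacy argument above: the concrete difference is that ALPN (RFC 7301, extension type 16) carries the client's whole list of offered protocols in the cleartext ClientHello, whereas NPN's client selection was sent in a handshake message after ChangeCipherSpec and so was encrypted. The script below is an added example, not code from this thread or from any IETF document. It builds a minimal, constructed TLS 1.2 ClientHello with an ALPN extension and then parses that record the way a passive observer on the wire would, recovering the offered protocol names. The function names and the sample cipher suite are assumptions made for the example, not anything specified in the thread.

```python
import struct

ALPN_EXT_TYPE = 16  # application_layer_protocol_negotiation, RFC 7301


def alpn_extension(protocols):
    """Encode an ALPN extension: ProtocolNameList of length-prefixed names."""
    names = b"".join(struct.pack("!B", len(p)) + p.encode("ascii") for p in protocols)
    body = struct.pack("!H", len(names)) + names
    return struct.pack("!HH", ALPN_EXT_TYPE, len(body)) + body


def build_client_hello(protocols, random=b"\x00" * 32):
    """Constructed sample ClientHello (hypothetical builder, not a real TLS stack).

    protocols=None omits the extensions block entirely, which is what an
    NPN-only or ALPN-less client looks like on the wire.
    """
    cipher_suites = struct.pack("!HH", 2, 0xC02F)  # one suite (assumed), 2 bytes long
    compression = b"\x01\x00"                       # one method: null
    body = b"\x03\x03" + random + b"\x00" + cipher_suites + compression
    if protocols is not None:
        exts = alpn_extension(protocols)
        body += struct.pack("!H", len(exts)) + exts
    # Handshake header: type client_hello(1) + 24-bit length
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    # Record header: content type handshake(22), legacy version 3.1, length
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extract_alpn(record):
    """What a passive observer sees: walk the plaintext record and pull out
    the ALPN protocol list. Returns None if no ALPN extension is present."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]

    pos = 2 + 32                          # skip client_version and random
    sid_len = body[pos]
    pos += 1 + sid_len                    # session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + cs_len                     # cipher_suites
    comp_len = body[pos]
    pos += 1 + comp_len                   # compression_methods
    if pos >= len(body):
        return None                       # no extensions block at all

    ext_total = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_total
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        edata = body[pos:pos + elen]
        pos += elen
        if etype == ALPN_EXT_TYPE:
            list_len = struct.unpack("!H", edata[:2])[0]
            names, q = [], 2
            while q < 2 + list_len:
                n = edata[q]
                q += 1
                names.append(edata[q:q + n].decode("ascii"))
                q += n
            return names
    return None


if __name__ == "__main__":
    hello = build_client_hello(["h2", "http/1.1"])
    print("observer sees ALPN list:", extract_alpn(hello))
    print("ALPN-less client:", extract_alpn(build_client_hello(None)))
```

The parser deliberately tolerates a ClientHello with no extensions block (legal in TLS 1.2), because that is the "nothing leaked" case NPN was meant to approximate. Stephen's point stands separately from this: even when the list is hidden, an observer comparing a multiplexed binary HTTP/2 stream with a textual HTTP/1.1 one can usually tell them apart from traffic shape alone.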