W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 23 Sep 2014 01:11:16 -0700
Message-ID: <CABcZeBM72K5piSJ2cGW9FXSqPzpB=LwZE8s7Z2ZytuNa938xXw@mail.gmail.com>
To: Willy Tarreau <w@1wt.eu>
Cc: Jason Greene <jason.greene@redhat.com>, Greg Wilkins <gregw@intalio.com>, Patrick McManus <pmcmanus@mozilla.com>, HTTP Working Group <ietf-http-wg@w3.org>
On Mon, Sep 22, 2014 at 10:42 PM, Willy Tarreau <w@1wt.eu> wrote:

> Hi Eric,
>
> On Mon, Sep 22, 2014 at 11:21:52AM -0700, Eric Rescorla wrote:
> > > Ok but then if you wait on HTTP/3, 9.2.2 then precludes your ability to
> > > select a more modern cipher category like the Aero example. So it
> doesn???t
> > > seem to really meet the former case, and it certainly doesn???t meet
> the
> > > latter.
> >
> > I don't think that's true. 9.2.2 doesn't say you can't do non-AEAD. It
> says
> > that you can't do stream or block. Rather:
> >
> > "Clients MUST accept DHE sizes of up to 4096 bits. HTTP MUST NOT be used
> > with cipher suites that use stream or block ciphers. Authenticated
> > Encryption with Additional Data (AEAD) modes, such as the Galois Counter
> > Model (GCM) mode for AES <http://http2.github.io/http2-spec/#RFC5288>
> > [RFC5288] are acceptable."
> >
> > I would assume that any new cipher spec would come with a "this is OK for
> > HTTP2" bit (or not). So I don't see the interop problem.
>
> I think it's not easy to tell what will exist in the future, however we can
> exhaustively list what existing ciphers we don't want to support. Thus,
> shouldn't we instead enumerate a list of properties that are incompatible
> with HTTP/2 ? That would leave the door open for new ciphers. HTTP/1 has
> benefitted from TLS evolutions for almost 20 years, and I would find it
> sad that we have to emit a new HTTP version just to make everyone support
> a new cipher. This is instead a property of the TLS layer and both sides
> upgrade progressively to support new versions.
>

My understanding is that this is what 9.2.2 does.

-Ekr

Regards,
> Willy
>
>
Received on Tuesday, 23 September 2014 08:12:27 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC