
Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Roland Zink <roland@zinks.de>
Date: Wed, 24 Sep 2014 10:43:08 +0200
Message-ID: <5422841C.2070401@zinks.de>
To: ietf-http-wg@w3.org
On 24.09.2014 09:02, Eric Rescorla wrote:
> I'm sorry, I'm not following this point.
>
> Say that someone invents some new cipher suite, X. It's either
> acceptable for h2 or it's not [0]. The client then behaves as follows:
>
> - If it is acceptable for h2, the client offers it, since everything is
>   fine.
> - If it's not acceptable for h2, the client offers it, secure in the
>   knowledge that a conformant server will (per 9.2.2) not negotiate
>   it for h2.
>
> As far as I can tell, either of these is fine. Do you disagree?
>
When h2 is upgraded to allow X (per 9.2.2X), then an old client offering 
X only for some other protocol will not work with a new h2 server, as it 
will reject it based on 9.2.2. So to allow X we would need h3. When you 
assume the h2 client just whitelists the current set of AEAD ciphers, 
then you cannot even add a new AEAD cipher, as the client may reject it 
for h2 even when it is offered in the list of supported ciphers.

Roland
Received on Wednesday, 24 September 2014 08:43:34 UTC
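The negotiation that Eric and Roland are arguing about, as an added toy model (not code from the thread or from Firefox or Jetty): each endpoint carries its own list of suites it treats as acceptable for h2, the server selects per 9.2.2, and the client enforces its own list. The suite names are constructed for the example, and the client-side failure with INADEQUATE_SECURITY is assumed from the 9.2.2 text rather than from this message.

```python
# Constructed identifiers: AES_GCM and CBC use real suite names from the
# TLS registry; X stands for the hypothetical new suite in the thread.
AES_GCM = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"   # AEAD, acceptable for h2
CBC = "TLS_RSA_WITH_AES_128_CBC_SHA"                # non-AEAD, on the 9.2.2 black list
X = "TLS_HYPOTHETICAL_NEW_AEAD_SUITE"               # constructed placeholder

# Per-endpoint policy: which suites the endpoint treats as acceptable for h2.
OLD_H2_OK = frozenset({AES_GCM})       # endpoint that whitelists only known AEAD suites
NEW_H2_OK = frozenset({AES_GCM, X})    # endpoint updated to allow X for h2


def server_select(client_offer, server_pref, server_h2_ok):
    """Server side of 9.2.2: pick the first suite in its own preference
    order that the client offered and that the server allows for h2."""
    for suite in server_pref:
        if suite in client_offer and suite in server_h2_ok:
            return suite
    return None


def h2_handshake(client_offer, client_h2_ok, server_pref, server_h2_ok):
    """Outcome of one h2 negotiation under the two endpoint policies."""
    selected = server_select(client_offer, server_pref, server_h2_ok)
    if selected is None:
        return "no_common_suite"
    # Client side of 9.2.2 (assumption: the client enforces its own list and
    # fails the connection with INADEQUATE_SECURITY when the server chose a
    # suite outside it).
    if selected not in client_h2_ok:
        return "INADEQUATE_SECURITY"
    return "ok"


def scenarios():
    # The old client offers X for some other protocol next to its h2 suites,
    # as in Eric's description; every server here prefers X first.
    offer = (X, AES_GCM, CBC)
    pref = (X, AES_GCM, CBC)
    return {
        "old client, old server": h2_handshake(offer, OLD_H2_OK, pref, OLD_H2_OK),
        "old client, new server": h2_handshake(offer, OLD_H2_OK, pref, NEW_H2_OK),
        "new client, new server": h2_handshake(offer, NEW_H2_OK, pref, NEW_H2_OK),
        "client offering only CBC": h2_handshake((CBC,), OLD_H2_OK, pref, NEW_H2_OK),
    }


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:26} -> {outcome}")
```

The second scenario is the case Roland describes: the updated server picks X, and the old client, which only knows the earlier AEAD set, refuses the connection even though it offered X itself.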
