Re: Concluding discussion on #612 (9.2.2)

On Tue, Oct 7, 2014 at 3:54 PM, William Chan (陈智昌)
<willchan@chromium.org> wrote:
> Explicitly +agl since he's not subscribed to the mailing list. And I'm
> deferring the Chromium/Google stance to him.

We can live with or without the requirements in 9.2.2 but, if 9.2.2 is
struck, we might still have its requirements in code. Everything less
than TLS 1.2 with an AEAD mode is cryptographically broken and nothing
new should be using anything less.

A requirement on TLS 1.3 would be fine, except for the fact that TLS
1.3 doesn't exist yet and isn't likely to for some time.

I think that Jason Greene's enumerated requirements are roughly
correct, but I also think that TLS stacks already implement the needed
functions. Since it would be a static configuration error to have
HTTP/2 enabled with an SSL configuration that could lead to an invalid
state, I hope that it's not too burdensome to check. Indeed, if the
server is configured with weak cipher suites as a high priority, even
without HTTP/2, it would be nice to warn about that.


Cheers

AGL

Received on Wednesday, 8 October 2014 17:47:47 UTC