Re: Requiring TLS 1.3 as alternative to HTTP/2 section 9.2.2

Dave,

> On Oct 27, 2014, at 9:42 PM, Dave Garrett <davemgarrett@gmail.com> wrote:
> 
> It looks like HTTP/2 section 9.2.2 is on the chopping block, with little push-back thus far, so I'm going to ask the obvious question: what's going to replace it?
> 
> Attempting to enforce cipher requirements here is problematic; however, removing these requirements will also add its own interoperability problems. If a server were to follow the spec without these requirements, then a browser that already implements them will reject the connection. Unless everyone is also going to pledge to remove already implemented security checks, this will be an issue. Without 9.2.2, even RC4 is valid for HTTP/2 traffic, which seems like something implementors would fight against introducing.

TLS/1.2 mandates TLS_RSA_WITH_AES_128_CBC_SHA, so at the very least that cipher suite will have priority over any of the RC4 cipher suites, assuming that they are enabled at all on the server.

_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair

Received on Tuesday, 28 October 2014 17:02:05 UTC