- From: Greg Wilkins <gregw@intalio.com>
- Date: Wed, 12 Nov 2014 15:58:43 +1100
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
Received on Wednesday, 12 November 2014 04:59:13 UTC
On 12 November 2014 13:03, Mark Nottingham <mnot@mnot.net> wrote:

> -8<-
> If the ciphersuite selected for h2 is...
> BAD = peer MAY INADEQUATE_SECURITY
> !BAD = peer MUST NOT INADEQUATE_SECURITY
>
> Peers probably shouldn't negotiate BAD
>
> where BAD is a fixed in-spec blacklist
> ->8-

That looks very encouraging. An in-spec blacklist for BAD ciphers together with the !BAD==MUST NOT INADEQUATE_SECURITY, I think is a good compromise. It mostly addresses the fragile handshake concern while allowing h1 fallback without additional latency.

I assume that there is an implied:

BAD = peer MAY fallback to h1 (if able to influence ALPN protocol selection)

and that will not be seen as a downgrade attack (or at least an acceptable one).

cheers

--
Greg Wilkins <gregw@intalio.com>
@ Webtide - *an Intalio subsidiary*
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com advice and support for jetty and cometd.
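The BAD / !BAD rule Mark quotes and the h1 fallback Greg assumes, as an added example that is not code from this thread, from Jetty or from the HTTP/2 spec: a server that applies the rule to an established h2 connection, and one that influences ALPN selection up front by leaving h2 out when the handshake would land on a blacklisted suite. It assumes Go's crypto/tls, a constructed two-entry subset standing in for the in-spec blacklist, and a hypothetical server suite preference order.

```go
package main

import "crypto/tls"

// Constructed subset of the in-spec "BAD" blacklist (static-RSA suites);
// a real server would load the complete list.
var badSuites = map[uint16]bool{
	tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA: true, tls.TLS_RSA_WITH_AES_128_CBC_SHA: true,
}

// Hypothetical server preference order, with one legacy BAD suite at the end.
var serverSuites = []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_AES_128_CBC_SHA}

// MayRejectH2: BAD suite -> peer MAY send INADEQUATE_SECURITY; !BAD -> MUST NOT.
func MayRejectH2(proto string, suite uint16) bool {
	return proto == "h2" && badSuites[suite]
}

// WouldNegotiate picks the first server-preferred suite the client offered.
func WouldNegotiate(clientSuites []uint16) (uint16, bool) {
	for _, s := range serverSuites {
		for _, c := range clientSuites {
			if s == c {
				return s, true
			}
		}
	}
	return 0, false
}

// SelectProtos is the h1-fallback option: if the handshake would land on a BAD
// suite, leave h2 out of ALPN so the client gets HTTP/1.1 with no extra RTT.
func SelectProtos(hello *tls.ClientHelloInfo) []string {
	if suite, ok := WouldNegotiate(hello.CipherSuites); !ok || badSuites[suite] {
		return []string{"http/1.1"}
	}
	return []string{"h2", "http/1.1"}
}

// ServerConfig wires SelectProtos into crypto/tls via GetConfigForClient.
func ServerConfig(base *tls.Config) *tls.Config {
	cfg := base.Clone()
	cfg.GetConfigForClient = func(h *tls.ClientHelloInfo) (*tls.Config, error) {
		c := base.Clone()
		c.NextProtos = SelectProtos(h)
		return c, nil
	}
	return cfg
}
```

Because the ALPN decision is made before the handshake completes, a client that only offers BAD suites never sees an h2 connection torn down with INADEQUATE_SECURITY; it simply gets HTTP/1.1.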