Re: Proposal for doing unauthenticated encryption inside of HTTP/2

On Tue, Dec 3, 2013 at 9:44 AM, Martin Thomson <>wrote:

> On 3 December 2013 09:32, Paul Hoffman <> wrote:
> > Because the goal is to "encrypt more", and there is disagreement about
> what
> > "more" means. The WG seemed more wedged on how to encrypt than what to
> > encrypt. I trust the WG to resolve the latter if they figure out the
> former.
> You are far more trusting than I :)
> The reason I asked this question was not because I wanted you to stick
> your neck out that much further.  I really wanted to get some of the
> more difficult questions answered with respect to how the keying
> material was applied.

Once the parties have an agreed-to encryption algorithm and shared secret
keys, there details of how to apply them are fairly trivial. Documents
about how to do this for S/MIME, TLS, and IPsec are usually about two pages
of real material and then a bunch of fluff. The fact that MUE will re-use
known encryption algorithms (like AES-GCM) should make such documents
trivially short.

> Sequence numbers, IVs, all that sort of muck.
> Maybe that's just an inherent aversion to hand-waving over the
> details.

They are details that need to be worked out, but not until the WG decides
if it likes the advantages of MUE more than the advantages of
upgrade-to-TLS. That decision should absolutely be based on "which style
makes more sense", not "which early proposal had more details".

> >> Why did you choose to invent a new security protocol and not repurpose
> >> something like DTLS?
> >
> > DTLS assumes a transport layer after the negotiation is done. DTLS takes
> > many more round trips. DTLS has the concept of authenticating the server
> > mostly built-in. If the WG wants DTLS, I would strongly suggest using TLS
> > instead.
> Yes, that's the unasked question.  What's wrong with TLS exactly?

I was about to say "it's in the document" and now see that the
Markdown-to-XML converter ate that. <sigh>. Please see Section 6 in the -01
draft (
just published for a recap of the pros and cons of what people have said on
the list.

--Paul Hoffman

Received on Tuesday, 3 December 2013 18:25:56 UTC