W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

From: Michael Sweet <msweet@apple.com>
Date: Fri, 05 Sep 2014 18:35:22 -0400
Cc: Simone Bordet <simone.bordet@gmail.com>, Patrick McManus <mcmanus@ducksong.com>, Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-id: <1889520A-F4E3-440B-B97E-E46A0C105E08@apple.com>
To: Martin Thomson <martin.thomson@gmail.com>

Responses inline...

On Sep 5, 2014, at 5:44 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> ...
> I can't really do anything about that without overturning a standing
> decision.  I'm not the chair, but I'm guessing that you'd have to
> exhibit more than discomfort for that to happen.

RFC 5246 requires a conforming implementation to be able to negotiate TLS_RSA_WITH_AES_128_CBC_SHA.  HTTP/2 requires conformance to RFC 5246 but forbids negotiation of TLS_RSA_WITH_AES_128_CBC_SHA.  Do you not see the problem this creates?

> ...
> I don't believe in concentrating all the security considerations in
> the security consideration section, but a pointer makes sense (I see
> we have none).

You might get some different opinions on this when we are past WGLC.  Generally speaking, security considerations go in the section with that name, with pointers from other places as needed.  RFC 2223 and 3552 seem pretty clear on that point...

> ...
>> I am VERY uncomfortable with Section 9.2.2 as currently written.  Basically it makes it impossible to use a TLS/1.2 [RFC5246] implementation since you are prohibiting the only required TLS/1.2 cipher suite (TLS_RSA_WITH_AES_128_CBC_SHA).  I would be much more comfortable requiring base TLS/1.2 (TLS_RSA_WITH_AES_128_CBC_SHA) and recommending the rest.
> The suite we require is not especially new, and all the
> implementations I'm aware of support it.  Impossible is definitely too
> strong a word.

See my first comment above.  Section 9 requires conformance to RFC 5246.  Section 9.2.2 makes that conformance requirement impossible.

> ...
>> Last (editorial) issue: there are lots of TLS-foo references that really should be RFCnnnn references...
> Those are just the symbolic reference labels.  Labels that were
> purposefully selected.

RFC references are supposed to be RFCnnnn.

Michael Sweet, Senior Printing System Engineer, PWG Chair
Received on Friday, 5 September 2014 22:35:53 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC