Re: 9.2.2 Cipher fallback and FF<->Jetty interop problem

On Wed, Sep 24, 2014 at 1:43 AM, Roland Zink <roland@zinks.de> wrote:

> On 24.09.2014 09:02, Eric Rescorla wrote:
>
>> I'm sorry, I'm not following this point.
>>
>> Say that someone invents some new cipher suite, X. It's either
>> acceptable for h2 or it's not [0]. The client then behaves as follows:
>>
>> - If it is acceptable for h2, the client offers it, since everything is
>>   fine.
>> - If it's not acceptable for h2, the client offers it, secure in the
>>   knowledge that a conformant server will (per 9.2.2) not negotiate
>>   it for h2.
>>
>> As far as I can tell, either of these is fine. Do you disagree?
>>
>
> When h2 is upgraded to allow X (per 9.2.2X) then an old client offering
> X only for some other protocol will not work with a new h2 server as it
> will reject based on 9.2.2.


Wait, how does this happen? When we introduce X we label it as acceptable
for h2. Old clients won't offer X because they won't have it and when they
do have it they should know it's acceptable for h2.

-Ekr

Received on Wednesday, 24 September 2014 08:55:21 UTC