W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: Discussion of 9.2.2

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 25 Sep 2014 01:30:13 -0700
Message-ID: <CABkgnnV0HFeshNAe9CAzFDeED6Os_GmG6kxm827N18wduCkjiA@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On 24 September 2014 04:17, Mark Nottingham <mnot@mnot.net> wrote:
> a) Explicitly note that INADEQUATE_SECURITY is thrown in 9.2.2 (it’s implied by 9.2 but let’s be explicit). This should happen regardless.

Sure.  I'll add this to my open PR on this general issue.

> b) Change the start of #2 above to “HTTP/2”. This should happen regardless.


> c) Change #2 above to “HTTP/2 MUST NOT be used with cipher suites that are known to be stream or block ciphers.” This emphasises that it’s a blacklist, not a whitelist, and avoids throwing INADEQUATE_SECURITY when encountering a cipher suite with unknown properties.

The "known to be" is a problem here.  That implies an uncertainty that
would actually reinforce Greg's concerns around fragility and suite
agility.  This is not ambiguous at all; a cipher suite is either a
stream/block cipher or it is not (same goes for the PFS thing).

Based on this discussion, I think that there needs to be a d) here
where we note that implementations MUST NOT offer cipher suites where
these properties (PFS, stream/block mode) are unknown.  This was an
assumption on my part that turns out to be important.  With that
change, I think that the concern about fragility becomes immaterial.
Received on Thursday, 25 September 2014 08:30:41 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC