Re: Discussion of 9.2.2 from Eric Rescorla on 2014-09-25 (ietf-http-wg@w3.org from July to September 2014)

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 25 Sep 2014 10:05:16 -0700
To: Greg Wilkins <gregw@intalio.com>
Cc: Martin Thomson <martin.thomson@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABcZeBO46e9TpL_kksL5khPx0zbHv0Y3ZD1kp9ka8tzbMf5yhg@mail.gmail.com>

On Thu, Sep 25, 2014 at 9:52 AM, Greg Wilkins <gregw@intalio.com> wrote:

>
> Eric,
>
> Thanks for that clarification.  I think that explains much of the(my?)
> confusion about 9.2.2.
>
> I think this indicates that the wording of 9.2.2 is indeed causing
> confusion and has actually created wrong implementations.   In FF the 9.2.2
> test is currently implemented as:
>
>    isAEAD()
>
> when it should be:
>
>    !isBlock() && !isStream()
>
> The former is a interoperability problem for future acceptable non AEAD
> ciphers, while the later is not.
>

Trying to think this through....

Isn't that only true if we add a new non-AEAD ciphersuite in NSS and then
forget
to update the code in Firefox?

-Ekr

Received on Thursday, 25 September 2014 17:06:28 UTC