Re: Discussion of 9.2.2

Jason,

On 25 Sep 2014, at 6:20 pm, Jason Greene <jason.greene@redhat.com> wrote:
> 1. H2 stack X, running on System A hard codes all known H2 compliant 1.2 ciphers
> 2. Time goes by, and a new stronger cipher C is released (either based on aero, or maybe just a new aead cipher in 1.3)
> 3. System B is a high security site and only allows cipher C

which is not conformant with "implementations of HTTP/2 that use TLS 1.2 MUST support TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [TLS-ECDHE] with P256 [FIPS186].” (9.2.2) — assuming it’s still 1.2 (see below). You’re building a straw-man here...

> 4. The administrator on System A installs a TLS stack update to latest 1.3, which contains cipher C, so that A can talk to B

If both parties both speak 1.3, 9.2.2 doesn’t apply, as per recent discussion.

> 5. A now can’t talk to B, and the administrator can’t figure out why, and probably begrudges the switch to H2

See recent discussion regarding the language regarding unknown ciphers. Please address that proposal (mine or Martin’s).


Cheers,

--
Mark Nottingham   http://www.mnot.net/

Received on Thursday, 25 September 2014 17:56:47 UTC