Re: Discussion of 9.2.2 from Martin Nilsson on 2014-09-28 (ietf-http-wg@w3.org from July to September 2014)

From: Martin Nilsson <nilsson@opera.com>
Date: Sun, 28 Sep 2014 19:53:21 +0200
To: "Greg Wilkins" <gregw@intalio.com>
Cc: "HTTP Working Group" <ietf-http-wg@w3.org>
Message-ID: <op.xmwry7asiw9drz@beryllium.oslo.osa>

On Sun, 28 Sep 2014 04:12:08 +0200, Greg Wilkins <gregw@intalio.com> wrote:

>
> On 28 September 2014 01:58, Martin Nilsson <nilsson@opera.com> wrote:
>> Do you believe we will intentionally release a new cipher that isn't  
>> strong enough to be acceptable for HTTP/2? If no, then there isn't a  
>> problem >>here.
>
> That is not the failure mode that we have been talking about.
> It is not that the new keys are likely to be weak.  It is in fact  
> because they are almost certainly going to be strong, but might not  
> match the 9.2.2 >description of what a strong cipher is.

Either a new cipher will match the 9.2.2 criteria of strong key, and there  
is no problem, or it does not match, we state in text that it is also  
allowed for http/2, and there is no problem.

/Martin Nilsson

-- 
Using Opera's mail client: http://www.opera.com/mail/

Received on Sunday, 28 September 2014 17:53:51 UTC