RE: #612: 9.2.2 and ALPN

I said:

>So long as some servers treat HTTP/1.1 and HTTP/2.0 as interchangeable, retrying requests as HTTP/1.1 could constitute a downgrade attack

My concern about downgrades is, I suppose, philosophical: at this point it doesn’t seem that TLS+HTTP/1.1 vs TLS+HTTP/2.0 are that different in terms of potential security vulnerabilities. The idea that security risks are somehow less important when retrying under HTTP/1.1 seems to be sweeping them under the rug. I’m not an implementer, just a long-term bystander, so you may take my two cents for what they’re worth.

The target of choice seems to be cookies or HTTP session keys, and the most powerful vector seems to be iterated attacks executed with JavaScript and other active content; these factors aren’t that different between HTTP versions.

Isolating cookies or TLS keys to only apply to HTTP/2.0 or HTTP/1.1 could be a meaningful security distinction, but it would break things and slow adoption, I suppose. And it would be yet another hack to make active content “safe”.

Received on Thursday, 13 November 2014 15:22:22 UTC
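The point made in the message above (that a retry over HTTP/1.1 carries the same cookies, and so the same attack surface, as the HTTP/2.0 session it replaces, unless cookies are bound to the protocol version) as an added, runnable model. This is illustrative code written for this page, not code from the thread, the HTTP/2 working group or any implementation. Everything in it is constructed: ALPN selection follows the RFC 7301 rule that the server picks from its own preference list among what the client offered; the "attacker" is modelled only as something that makes a successfully negotiated h2 connection fail after the handshake, which is all a client's HTTP/1.1 retry logic needs to see; the `bind_to_protocol` flag, `Client.retry_as_http11`, the host `example.test` and the cookie value are hypothetical.

```python
"""Toy model of an HTTP/1.1 retry after an h2 connection fails (added example,
not from the mailing-list thread). All names and values are constructed."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Sequence, Tuple

H2 = "h2"
HTTP11 = "http/1.1"
HOST = "example.test"  # constructed host name


def alpn_select(server_prefs: Sequence[str], client_offered: Sequence[str]) -> Optional[str]:
    """RFC 7301 section 3.2: the server chooses from its own preference order among
    the protocols the client offered. None models 'no overlap' (a real server would
    send the no_application_protocol alert)."""
    for proto in server_prefs:
        if proto in client_offered:
            return proto
    return None


@dataclass
class CookieJar:
    """Hypothetical jar. With bind_to_protocol=False (the status quo) cookies are keyed
    by host only, so an HTTP/1.1 retry presents the cookies set over h2. With
    bind_to_protocol=True they are keyed by (host, negotiated protocol), the isolation
    the post calls a meaningful distinction that would also break things."""
    bind_to_protocol: bool = False
    store: Dict[tuple, Dict[str, str]] = field(default_factory=dict)

    def _key(self, host: str, proto: str) -> tuple:
        return (host, proto) if self.bind_to_protocol else (host,)

    def set(self, host: str, proto: str, name: str, value: str) -> None:
        self.store.setdefault(self._key(host, proto), {})[name] = value

    def get(self, host: str, proto: str) -> Dict[str, str]:
        return dict(self.store.get(self._key(host, proto), {}))


@dataclass
class Client:
    """Hypothetical client: offers h2 and http/1.1; if a negotiated h2 connection dies
    and retry_as_http11 is set, it reconnects offering only http/1.1 (the behaviour
    the post objects to). retry_as_http11=False makes the failure visible instead."""
    jar: CookieJar
    offer: Sequence[str] = (H2, HTTP11)
    retry_as_http11: bool = True

    def connect(self, server_prefs: Sequence[str], h2_connection_killed: bool = False) -> Tuple[str, Dict[str, str]]:
        """Return (protocol actually used, cookies presented on that connection)."""
        proto = alpn_select(server_prefs, self.offer)
        if proto is None:
            raise ConnectionError("no ALPN overlap (no_application_protocol)")
        if proto == H2 and h2_connection_killed:
            # Modelled attacker: the h2 connection fails after the handshake.
            if not self.retry_as_http11:
                raise ConnectionError("h2 connection failed; downgrade retry disabled")
            proto = alpn_select(server_prefs, (HTTP11,))
            if proto is None:
                raise ConnectionError("server does not offer http/1.1")
        return proto, self.jar.get(HOST, proto)


def downgrade_scenario(bind_to_protocol: bool, retry_as_http11: bool = True) -> Tuple[str, Dict[str, str]]:
    """One h2 session sets a session cookie; the next h2 connection is killed and the
    client retries. Returns what the server sees on the retried connection."""
    jar = CookieJar(bind_to_protocol=bind_to_protocol)
    client = Client(jar, retry_as_http11=retry_as_http11)
    server_prefs = (H2, HTTP11)  # server treats both versions as interchangeable
    proto, _ = client.connect(server_prefs)
    if proto != H2:
        raise AssertionError("expected h2 on the first connection")
    jar.set(HOST, proto, "session", "s3cr3t")  # constructed cookie value
    return client.connect(server_prefs, h2_connection_killed=True)


def strict_client_refuses() -> bool:
    """True if a client with downgrade retry disabled surfaces the h2 failure."""
    try:
        downgrade_scenario(False, retry_as_http11=False)
    except ConnectionError:
        return True
    return False


if __name__ == "__main__":
    print("shared jar:", downgrade_scenario(False))   # ('http/1.1', {'session': 's3cr3t'})
    print("bound jar: ", downgrade_scenario(True))    # ('http/1.1', {})
    print("strict client refuses:", strict_client_refuses())
```

With the shared jar the retried HTTP/1.1 connection carries the session cookie set over h2, so nothing about the retry reduces what an attacker who can force it gains; only the protocol-bound jar changes that, at the cost of a second login after every downgrade, which is the breakage the post anticipates.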