- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 13 Nov 2014 16:03:45 -0800
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
I've been struggling to find time for making this change, but I have a first sketch of the text for this. I think that this is perfectly workable. https://github.com/http2/http2-spec/pull/644 There is one piece of collateral damage here that I think we will have to decide on. The draft previously has requirements for key strength on DHE and ECDHE. I've moved that to 9.2.1. I want to make sure that I call that out. The list is fairly long. I've tried to faithfully apply the rules we agreed previously to build the list (!PFS or Stream or Block) based on the current IANA registry. If anyone cares to double-check it, please let me know if I've messed up somehow. On 11 November 2014 18:03, Mark Nottingham <mnot@mnot.net> wrote: > We had a wide-ranging discussion in about this issue in Honolulu today. After an introductory presentation <http://httpwg.github.io/wg-materials/ietf91/922.pdf>, and then much discussion/iteration, we ended up with this on the screen: > > -8<- > If the ciphersuite selected for h2 is... > BAD = peer MAY INADEQUATE_SECURITY > !BAD = peer MUST NOT INADEQUATE_SECURITY > > Peers probably shouldn't negotiate BAD > > where BAD is a fixed in-spec blacklist > ->8- > > Using the straw-man proposal on the last page of the PDF, this implies #5 (relax requirement to generate INADEQUATE_SECURITY) and a modification of #2 (Nominate a fixed list of suites for use with H2+TLS12) to a blacklist rather than a whitelist. > > Not explicit here but implied (and seemingly not controversial) were #1 (making all cipher suite requirements specific to TLS 1.2), #3 (keep the required interop suite as mandatory to deploy) and #4 (Clarify that cipher suite requirements apply to deployments, not impl). > > Note that there is NOT a requirement to use or not use particular cipher suites; only a prose note that if you do so, you may encounter problems. This is somewhat in the spirit of #4. > > #6 didn’t seem to get significant support, so I think the plan is to drop it. > > > Martin is going to prepare a pull request with exact text, using the requirements currently in 9.2.2 to create the blacklist. > > Based on the reaction in the meeting (which included some but not all stakeholders) as well as some 1-to-1 discussions I’ve had with people who weren’t there, I believe that this is likely to be as close to a consensus position that we can get. > > Please ask comment or questions if need be, and indicate your support or lack thereof (now if you’re comfortable doing that, or after Martin shows exact text). > > Regards, > > > -- > Mark Nottingham http://www.mnot.net/ > > > >
Received on Friday, 14 November 2014 00:04:13 UTC