Re: Call for Adoption: Secondary Certificate Authentication in HTTP/2

On Fri, Jun 24, 2016 at 10:41:03AM +1000, Mark Nottingham wrote:
> <>
> We've discussed carrying certificates and related artefacts in HTTP
> for a long time. This draft from Mike and Martin is an evolution of
> several previous approaches. 
> Please state whether you support adoption, and ideally why.
> Expressions of interest in implementation would also be very helpful.

I have been arguing before that doing certificate authentication in
HTTP/2 safely requires HTTP-level coordination, and still hold this
view. This spec is one way to do it.

What I don't like is MUST not send USE_CERTFICATE without
CERTIFICATE_REQUIRED. This forces client that wants to maintain
the required control in order to safely mux across authoriteies to
eat extra RTT for every request (yes, it would be guessing without,
but likely highly accurate guessing[1]).

Also, with regard to certificate chains, there are still loads of
certificate chains that contain PKCS#1v1.5 signatures, and there will
likely be for forseeable future[2].

[1] Note that endpoints that deal with multiple authorities and
client certificates (e.g. browsers!) need to do such guessing today,
even for HTTP/1.1.

[2] Even if the signing certificate is not RSA, there might be RSA
signatures higher up. And even the signature from root certificate
"leaks" into second-highest certificate.


Received on Friday, 24 June 2016 07:29:05 UTC