TLS ALPN Proposal v2
Xuelei Fan
xuelei.fan at oracle.com
Thu Jun 4 16:50:03 UTC 2015
On 6/5/2015 12:12 AM, Simone Bordet wrote:
> Hi,
>
> On Thu, Jun 4, 2015 at 5:53 PM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>> On 6/4/2015 8:19 PM, Simone Bordet wrote:
>>> This is not possible for HTTP/2.
>>> Application protocol negotiation MUST happen *after* the TLS protocol
>>> and the TLS cipher are negotiated.
>>>
>> Why? Is it a spec of HTTP/2? It is a point I don't understand now.
>> Please help with more details.
>
> http://tools.ietf.org/html/rfc7540#section-9.2
>
> You can only speak h2 if the cipher is strong enough as defined by RFC 7540.
>
Hm, I see your point now. But I may not agree with your ALPN "MUST
happen after" protocol/cipher suite negotiation conclusion.
I parse this section as, a H2 server must be strong enough(comply to
RFC7540), and a H2 client must also be strong enough (comply to
RFC7540). Otherwise, both side may terminated the connection, and
cannot declare as complying to H2. It is not necessary for an
application protocol selector to detect whether a H2 server/client
comply to H2 or not.
If "H2" is requested, it means that the client supports H2. Otherwise,
it's a client application bug. If "H2" is selected by a selected, it
means that the selected server supports H2. Otherwise, it is a selector
implementation bug. If something wrong in either client or server, it
is expected to terminate the connection immediately, rather than
downgrade to a not-strong enough level.
>From the points above, I think an application protocol selector may not
need to know the negotiated protocol version and cipher suite.
Thanks,
Xuelei
More information about the security-dev
mailing list