Part 2: TLS considerations section may be ambiguous
I'm having trouble figuring out exactly what section 8.5 means. In particular this piece of text:
The cipher suites listed below and also in section 4.2 of [RFC7525] that support authenticated encryption
(AEAD) algorithms shall be used to ensure TLS message confidentiality and integrity:
* `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256`
* `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
* `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384`
* `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`
I believe the intention here was to state that only these 4 ciphers shall be used, that the recommendations come from RFC7525, and that the FAPI spec will be updated from time to time as new recommendations emerge.
The alternative reading is that cipher suites allowed in 4.2 of RFC7525 are also okay. This would technically mean that `TLS_RSA_WITH_AES_128_CBC_SHA` (as per 4.2.1 paragraph 3) would be allowed, and also reduces the 'shall' we have in our phrase down to a 'recommended'.
Perhaps this should be reworded as:
The recommendations for Secure Use of Transport Layer Security in RFC7525 shall be followed, with the following exception:
Only the following 4 cipher suites shall be permitted:
* `TLS_DHE_RSA_WITH_AES_128_GCM_SHA256`
* `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
* `TLS_DHE_RSA_WITH_AES_256_GCM_SHA384`
* `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`
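One way to enforce the "only these 4 cipher suites" reading on a Python/OpenSSL server and to check what a context actually offers. This is an added example, not text from the FAPI spec or the pull request; the helper names are hypothetical, and the right-hand names are OpenSSL's spellings of the four listed suites.

```python
import ssl

# IANA names from the proposed wording -> OpenSSL names used by set_ciphers().
FAPI_SUITES = {
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256": "DHE-RSA-AES128-GCM-SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": "ECDHE-RSA-AES128-GCM-SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": "DHE-RSA-AES256-GCM-SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": "ECDHE-RSA-AES256-GCM-SHA384",
}
ALLOWED_OPENSSL = frozenset(FAPI_SUITES.values())


def strict_server_context():
    """Server context whose TLS 1.2 cipher list is limited to the four suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # set_ciphers() governs TLS 1.2 and below. OpenSSL configures TLS 1.3
    # suites separately; they are outside the list quoted in the issue.
    ctx.set_ciphers(":".join(sorted(ALLOWED_OPENSSL)))
    return ctx


def tls12_suites(ctx):
    """OpenSSL names of the enabled suites, leaving out TLS 1.3-only ones."""
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def violations(suite_names):
    """Suites that the 'only these 4' reading would reject."""
    return sorted(set(suite_names) - ALLOWED_OPENSSL)


if __name__ == "__main__":
    print("strict context offers:", tls12_suites(strict_server_context()))

    # A library-default server context, for comparison with the strict list.
    default = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    print("default context, outside the list:",
          violations(tls12_suites(default)))

    # Constructed sample input: AES128-SHA is OpenSSL's name for
    # TLS_RSA_WITH_AES_128_CBC_SHA, the suite named in the alternative reading.
    print("sample:", violations(["ECDHE-RSA-AES128-GCM-SHA256", "AES128-SHA"]))
```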
Comments (6)
reporter I've opened a pull request here:
https://bitbucket.org/openid/fapi/pull-requests/26/issue-99-part2-tls-consideration/diff
I modified the wording a little more to improve the readability further.
- changed status to closed
Part 2: Clarify TLS considerations section
The changes for issue #92 left it slightly unclear how the reference to RFC7525 was to be interpreted. This change clarifies the wording to match our intentions.
closes #99
→ <<cset 620042170c64>>
- changed component to Part 2: Advanced
- changed component to FAPI 1 – Part 2: Advanced
- changed component to FAPI 1: Advanced
We talked about this on today's call. The consensus seemed to be that we should go with my wording, but with RFC7525 substituted for BCP195 so that any future updates to BCP195 are automatically incorporated.
I will prepare a pull request.