With Bug 1006804, we fixed the ephemeral key exchange enforcement for HTTP/2. However, we have not enforce other cipher requirement as per section-9.2.2 of the http2 draft. I believe AES-GCM and CHACHA20POLY1305 are the only allowed ciphers suite by the draft definition for TLSv1.2. http://tools.ietf.org/html/draft-ietf-httpbis-http2-13#section-9.2.2 Quote: The set of TLS cipher suites that are permitted in HTTP/2 is restricted. HTTP/2 MUST only be used with cipher suites that have ephemeral key exchange, such as the ephemeral Diffie-Hellman (DHE) [TLS12] or the elliptic curve variant (ECDHE) [RFC4492]. Ephemeral key exchange MUST have a minimum size of 2048 bits for DHE or security level of 128 bits for ECDHE. Clients MUST accept DHE sizes of up to 4096 bits. HTTP MUST NOT be used with cipher suites that use stream or block ciphers. Authenticated Encryption with Additional Data (AEAD) modes, such as the Galois Counter Model (GCM) mode for AES [RFC5288] are acceptable.
We took care of the AEAD restriction over in bug 1027720.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1027720
You need to log in before you can comment on or make changes to this bug.