Open
Bug 1294708
Opened 8 years ago
Updated 2 years ago
[h2] HTTP2 INADEQUATE_SECURITY error messages could use more detail
Categories
(Core :: Networking: HTTP, defect, P3)
Core
Networking: HTTP
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox51 | --- | affected |
People
(Reporter: bzbarsky, Unassigned)
Details
(Whiteboard: [necko-backlog])
The string says "Error code: NS_ERROR_NET_INADEQUATE_SECURITY" but that doesn't tell people to go look up HTTP/2 INADEQUATE_SECURITY. This was reported in bug 1122642 comment 25 which has more details (including some information about us and Chrome having different behavior which may be worth looking into). Nick, can you take a look, please?
Flags: needinfo?(hurley)
|
Reporter | |
Comment 1•8 years ago
|
||
Note that the above linked comment suggests actually showing the blacklisted cipher that was negotiated...
There was another bug reported where chrome would talk to a misconfigured server (nginx?) that we didn't (chrome is in the wrong there) and fixing the cipher suite selection server-side made everything work. So that's that part of the comment. Unfortunately, my bugzilla-fu is failing to find that bug. I'll think about the wording of the error page and see if I can come up with something more useful.
Assignee: nobody → hurley
Flags: needinfo?(hurley)
Whiteboard: [necko-active]
|
|
Reporter | |
Comment 3•8 years ago
|
||
> chrome is in the wrong there
Did we get a bug filed on them?(In reply to Boris Zbarsky [:bz] (Vacation until Aug 21) from comment #3) > > chrome is in the wrong there > > Did we get a bug filed on them? That's a good question, if I could find our bug I could answer it :) Maybe Patrick can remember the bug I'm talking about (or otherwise set me straight). Of course, he's not accept ni?s right now, so I'll email him and he can respond when he's back.
|
||
Comment 5•8 years ago
|
||
> chrome is in the wrong there Is it? The RFC says the endpoint MAY choose to generate a connection error: https://tools.ietf.org/html/rfc7540#section-9.2.2
|
||
Comment 6•8 years ago
|
||
(In reply to nikola.kovacs from comment #5) > > chrome is in the wrong there > > Is it? The RFC says the endpoint MAY choose to generate a connection error: > https://tools.ietf.org/html/rfc7540#section-9.2.2 I need to lookup the contents of the bug to see if that was the issue (I think the issue was fuzzy iirc and became worksforme before getting down to a root cause), but chrome certainly does not intend to work with blacklisted suites nor does firefox. I changed the triage on this.. nick if you've got a patch in progress feel free to change it back
Summary: [h2] HTTP2 INADEQUATE_SECURITY error messages are inscrutable and don't make it clear that they are about INADEQUATE_SECURITY → [h2] HTTP2 INADEQUATE_SECURITY error messages could use more detail
Whiteboard: [necko-active] → [necko-backlog]
|
||
Comment 7•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
|
|
||
Comment 8•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
|
||
Updated•5 years ago
|
Assignee: u408661 → nobody
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•