Re: breaking TLS (Was: Re: multiplexing -- don't do it)

I frankly don't care that people can see me browsing NPR, reading RFCs or watching stand-up on YouTube. 



However, when I do care (bank, taxes, passwords), I REALLY care. 



To extend the analogies: 



Basic human immune defenses == opt in SSL, physical network security, etc....everything we already have....the baseline 



TLS everywhere == locks on EVERY door that you must unlock and relock every time you pass through them. 



Post cards don't have envelopes.  Sealed envelopes are more a practical concern than security.  When was the last time you saw a signet pressed into a wax seal?  Most people don't have locks on their mailboxes. 



Every form of security incurrs a cost.  Sometimes the cost isn't worth the benefit.  To cover for ignorant user/service combinations, we'd be forcing that cost on the entire world (at the risk of diluting that security). 


----- Original Message ----- 
From: willchan@chromium.org 
To: ray.polk@oracle.com 
Cc: nicolas.mailhot@laposte.net, ietf-http-wg@w3.org 
Sent: Friday, April 6, 2012 10:02:25 AM GMT -07:00 US/Canada Mountain 
Subject: Re: breaking TLS (Was: Re: multiplexing -- don't do it) 

I don't like this analogy. Humans have basic immune defenses. In most places, we put locks on public facing doors. We send mail in sealed envelopes. Yet we send almost all our browsing traffic in the clear. Come on guys. 


And it's not like there aren't enough organizations out there trying to break SSL already. I think they're already pretty motivated. 


On Fri, Apr 6, 2012 at 5:50 PM, Ray Polk < ray.polk@oracle.com > wrote: 


I think Nicolas makes a very strong and important point here.  I think everyone agrees security is a never ending battle of one-upmanship.  People often use the term "arms race" to draw an analogy. 

I prefer the analogy of bacteria / antibiotics.  In the lowest risk infection situations, the user is left to their own devices.  In the highest risk, life/death situations, security doctors bring the most powerful antibiotics to bear.  To treat every infection with the most powerful countermeasures would weaken those countermeasures for the most extreme cases. 

Each security mechanism also brings cost to the user and the infrastructure.  In time, the countermeasure loses its effectiveness and another mechanism is broadly deployed...as time goes to infinity, only the cost increases. 

-Ray 


----- Original Message ----- 
From: nicolas.mailhot@laposte.net 
To: ietf-http-wg@w3.org 
Sent: Friday, April 6, 2012 8:35:43 AM GMT -07:00 US/Canada Mountain 
Subject: Re: breaking TLS (Was: Re: multiplexing -- don't do it) 

Amos Jeffries <squid3@...> writes: 

> IME admin are usually not that eager to do MITM on TLS. 

Yes there are all sorts of unpleasant legal risks involved 

> It is required by policy makers who just want to publish tick-box policies 

It is required to authenticate proxy users now that popular sites are moving to 
ssl, since no one has defined a reliable way to do it without breaking tls. 

And then once the system is in place who will vouch it won't be abused for 
corporate follies? 

It is *very* dangerous to make encryption an all-or-nothing proposal. That makes 
it an everyone-has-a-reason-to-break-it system, which means it *will* be broken, 
even in the cases it's perfectly justified. 



If you want to add security to browsing make *very* sure there is little reason 
for legal-abiding entities to break it, or they will finance and build the tools 
criminals will use. That means using encryption sparingly, not as a blanket 
system.