Re: Response to HTTP2 expresions of interest from Poul-Henning Kamp on 2012-07-13 (ietf-http-wg@w3.org from July to September 2012)

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Fri, 13 Jul 2012 22:05:18 +0000
To: "HAYASHI, Tatsuya" <lef.mutualauth@gmail.com>
cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Brian Pane <brianp@brianp.net>
Message-ID: <46509.1342217118@critter.freebsd.dk>

In message <CAGipQFk4dCEAhsoc5Cv7ZKNine__rG65kGc7tX8FRXnUjnCSTQ@mail.gmail.com>
, "HAYASHI, Tatsuya" writes:


>Do you have any opinion about this?

Not really at this point, but given a chance to think about it
I'm sure that both I and many others will have.

I my ideal world, we would start by spending some months deciding
what services HTTP/2.0 should actually provide, and try to find the
best, small, easy to understand set of primitives that do that.

That may be a good deal tricker than people think.

For instance the fact that several major web-commerce sites 
prominently display stuff like:

	Hello Poul-Henning (Not Poul-Henning ? Press Here)

clearly indicates how broken the current protection crap really is...

The protection issues are particularly thorny because many people
think they can enforce their political agendas using protocol design
and specifications, as exemplified in the "end-to-end privacy" wars.

The only thing you get if you try to do that, is that people will
make workarounds for the "banned" practices, such as wild-card
certificates for legally mandated interception, and cookies as
session-hacks and so on.

A much better strategy is to make these practices possible
and detectable, so that the users know when they are subject
to them.

If I should give a first cut on the protection primitives I would
expect from HTTP/2.0 it would be:

* Get other ends proffered proof of identity (aka: its certificate)

* Request privacy protected session/channel

* Identify first privacy endpoint
  Ie: do we have end to end privacy, and if not, who am the first
  entity I must trust ?
  Amongst perfectly valid and reasonable answers: 
	The corporate firewall.
	The prisons legal intercept.
	The countrys censorship institution.

But I am sure that there are people better than me to perform
that analysis, and I really wish the WG would engage some of
them, rather than rush headlong into protocol redesign...


-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Friday, 13 July 2012 22:05:41 UTC