W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Semantics of HTTPS

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Mon, 06 Aug 2012 22:33:26 +0100
Message-ID: <50203826.6070604@cs.tcd.ie>
To: Willy Tarreau <w@1wt.eu>
CC: Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>

FWIW, I strongly agree with Mark on this. I'm sure that the
other SEC AD agrees too, and reckon that the SEC area as a
whole would also agree, but we can ask if that becomes useful.
A bit more below.

On 08/06/2012 10:23 PM, Willy Tarreau wrote:
> On Mon, Aug 06, 2012 at 04:16:48PM -0500, Mark Nottingham wrote:
>>
>> On 06/08/2012, at 4:14 PM, Willy Tarreau <w@1wt.eu> wrote:
>>
>>>> Right. That's a big change from the semantics of HTTPS today, though; right
>>>> now, when I see that, I know that I have end-to-end TLS.
>>>
>>> No, you *believe* you do, you really don't know. That's clearly the problem
>>> with the way it works, man-in-the middle proxies are still able to intercept
>>> it and to forge certs they sign with their own CA and you have no way to know
>>> if your communications are snooped or not.
>>
>> It's a really big logical leap from the existence of an attack to changing
>> the fundamental semantics of the URI scheme. And, that's what a MITM proxy is
>> -- it's not legitimate, it's not a recognised role, it's an attack. We
>> shouldn't legitimise it. 
> 
> That's clearly what I'm suggesting : offer a clean way to have a proxy inspect
> contents with the users' consent in the browser policy (using GET https://) or
> ask for a tunnel to be established, assuming it should be end-to-end. There
> will be no more solution than today to detect there's an MITM, but at least
> there will be far less incentive for product authors to do that if it's only
> for a handful of trustable websites.
> 
> At the moment the state of affairs has created MITM proxies and we'd better
> get rid of them by offering a solution to the problem they try to solve.

The tls WG was offered that option again last week and rejected it
again. If the httpbis WG want to standardise some kind of mitm without
changing TLS then that seems to re-define https to me at least.

Even though mitm hacks exist and people pay for them, the IETF has
actively and repeatedly refused to standardise that behaviour.

Cheers,
S.



> 
> Willy
> 
> 
> 
> 
Received on Monday, 6 August 2012 21:33:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 6 August 2012 21:33:57 GMT