
Re: Moving forward on improving HTTP's security

From: Grahame Grieve <grahame@healthintersections.com.au>
Date: Thu, 14 Nov 2013 11:25:20 +1100
Message-ID: <CAG47hGaMMF9dckQ7QcKWEFSGbu1OupZJ0hsSMfGDJ1ELrem9Ew@mail.gmail.com>
To: William Chan (陈智昌) <willchan@chromium.org>
Cc: Adrien de Croy <adrien@qbik.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Willy Tarreau <w@1wt.eu>, Mike Belshe <mike@belshe.com>, Tao Effect <contact@taoeffect.com>, Tim Bray <tbray@textuality.com>, James M Snell <jasnell@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
If corporate security needs are what is driving MITM attacks, then
perhaps HTTP should enable something along the lines of a delegated
security model, though I don't know whether that can be done securely
or not (where secure includes the browser user knowing what is
going on).

On the wider question of whether http/2 should mandate TLS, it seems
to me that this is driven by your feelings about http/2 scope. If you
think that http/2 = "the web", then of course http/2 should force TLS.
But if you think that http/2 = a general communications protocol that
is also used by the web, then you won't think that http/2 should
enforce TLS.

It seems to me that the use case for "needs efficiency features of
http/2" + "can't deal with the certificate requirements of TLS" is a
very slim set. Why not enforce TLS in http/2, and commit to
maintaining HTTP/1 going forward in the unlikely event that something
in the underlying framework was to invalidate HTTP/1?

Grahame


On Thu, Nov 14, 2013 at 11:09 AM, William Chan (陈智昌)
<willchan@chromium.org> wrote:
> On Wed, Nov 13, 2013 at 2:36 PM, Adrien de Croy <adrien@qbik.com> wrote:
>>
>> I thought we already did the mandatory TLS argument to death many times.
>
>
> We did :) And I don't think we're going to convince one another here. I feel
> like I understand your position and disagree with it. And I think the vice
> versa is true. I stated my preference earlier, but I don't expect to
> convince you. As much as it'd be nice to have the spec mandate this, so I
> could use it as a weak hammer to beat people on the head with when they
> don't want to use TLS, I don't really think we'll achieve rough consensus.
> But I'll impose my will insofar as I can affect Chromium policy and push
> more HTTPS adoption as much as I can.
>
>>
>>
>> We added MITM in WinGate mostly because Google and FB went to https.
>> Google and FB you may take a bow.
>
>
> FWIW, I'm happy those companies went HTTPS, and I'm sad that y'all are
> offering MITM features in your products. I suppose that if I ask you not to
> MITM traffic, you wouldn't listen, would you? :P If you feel that MITM is
> bad for the web, why are you implementing this? Is it simply because if you
> don't, then someone else will and people will switch from your product?
>
>>
>> Does this improve security of the web overall?  IMO no.  People can now
>> snaffle banking passwords with a filter plugin.
>
>
> Just to be clear, the MITM works because the enterprises are adding new SSL
> root certificates to the system cert store, right? I agree that that is
> terrible. I wouldn't use that computer :) I hope we increase awareness of
> this issue.
>
>>
>> You really want to scale this out?  How will that make it any better?
>
>
> I believe that making communications secure by default will overall improve
> the security of the web as long as most devices don't have these additional
> SSL root certificates used by the MITM proxies. You are taking a cynical
> view on the outcome when communications become secure by default. I
> disagree. I think that it's worthwhile to force entities that want to
> examine communications to have to MITM SSL. I think that the negative PR of
> a government or ISP or whatever trying to force installations of additional
> root certificates on end users' machines would be a strong disincentive to
> employ these policies. I agree it might lead more enterprises to MITM their
> employees who use corporate devices. It is a sad world indeed if it's the
> status quo for everyone to use devices with extra root certs so
> intermediaries can MITM SSL connections.
>
>>
>> You're suggesting anyone wanting to run an http2 server now has to
>> purchase, and pay for the ongoing maintenance of a cert, and take the cost
>> on additional CPU to handle the load?
>
>
> Yes, I want to use HTTP/2 as a carrot to incentivize server operators to use
> HTTPS. There are tradeoffs that prevent folks from adopting HTTPS. I'm
> hoping HTTP/2 helps adjust the tradeoffs in HTTPS' favor somewhat, due to
> its reduced user perceived latency and improved connection reuse leading to
> improved scalability compared to HTTP/1.X over TLS.
>
>>
>>
>> Organisations have to live with the pain in the neck of deploying signing
>> certs to clients, dealing with visitor devices etc etc.  This = reduction in
>> user experience.
>
>
> You mean the additional root certs installed on client machines? Good, I'm
> glad it's a PITA for y'all, so maybe you'll stop doing it or do it less
> often, and maybe corporations will stop asking you to do this for them. This
> is terrible and I'm personally not interested in making it easier for
> organizations to snoop on their members/employees/students/etc. I'm in favor
> of reduced user experience where the user is someone who wants to MITM SSL
> traffic.
>
>>
>>
>> So, IMO making TLS mandatory = reduced security, worse user experience,
>> and increased costs.
>>
>> That's progress I guess.
>
>
> I respectfully disagree with your outcome prediction.
>
>>
>> ------ Original Message ------
>> From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
>> To: "Willy Tarreau" <w@1wt.eu>; "Mike Belshe" <mike@belshe.com>
>> Cc: "William Chan (陈智昌)" <willchan@chromium.org>; "Tao Effect"
>> <contact@taoeffect.com>; "Tim Bray" <tbray@textuality.com>; "James M Snell"
>> <jasnell@gmail.com>; "Mark Nottingham" <mnot@mnot.net>; "HTTP Working Group"
>> <ietf-http-wg@w3.org>
>> Sent: 14/11/2013 10:57:46 a.m.
>> Subject: Re: Moving forward on improving HTTP's security
>>>
>>>
>>> I have to agree that the logic here is hard to find.
>>>
>>> On 11/13/2013 09:54 PM, Willy Tarreau wrote:
>>>>
>>>>  On Wed, Nov 13, 2013 at 01:23:41PM -0800, Mike Belshe wrote:
>>>>>
>>>>>  To paraphrase, you're saying:
>>>>>     "I don't like TLS because I use the presence of TLS to know that I could
>>>>>  be hacked right now. But if you turn on TLS always, I won't be able to
>>>>>  tell if I can get hacked."
>>>>
>>>>
>>>>  Huh ? No. I mean "The TLS model is fine for me as long as it's used where
>>>>  needed and if it's not abused because I expect all actors in the chain to
>>>>  care about security". Let's ensure we don't break that weak link from the
>>>>  root CAs to me by making its use mandatory for all no-value stuff that
>>>>  nobody cares about and which will make it normal for everyone to deploy
>>>>  broken configs and rogue CAs everywhere for the sake of simplicity.
>>>
>>>
>>> Break the link by making it mandatory sounds like wild supposition.
>>>
>>> S
>>>
>>>>
>>>>>  To summarize:
>>>>>    1) You're happy with the security you get with TLS to Paypal now
>>>>>    2) You're unhappy with that same security (TLS) enforced everywhere
>>>>>  because it is suddenly less secure.
>>>>
>>>>
>>>>  Exactly.
>>>>
>>>>>  This is also illogical. We're not changing TLS.
>>>>
>>>>
>>>>  Yes you are. You're not changing the protocol but the economics and
>>>>  the actors' motives to deliver certs the proper way. When certs are
>>>>  needed to connect to my printer, I doubt I'll have to order a new
>>>>  cert every year to connect to it once every 3 years at most to change
>>>>  its IP address. Instead the manufacturer will want a 10 years cert,
>>>>  and since he won't be able to get that, some CAs will start to offer
>>>>  this (possibly at a high price). We'll possibly find it much easier
>>>>  and cheaper to become a valid CA and to issue certs for anyone. I'm
>>>>  sorry but the day I can issue a paypal cert myself and have my browser
>>>>  accept it without me having to do anything with its configuration, I'll
>>>>  start to get a little bit scared.
>>>>
>>>>  Right now it's simple : TLS is annoying to deploy so you do it where
>>>>  it matters. It can be free but at least it requires some care and you
>>>>  are willing to accept that for the sites you value. Once you don't
>>>>  value anymore the certs you are installing and users start to do wrong
>>>>  things such as clicking 100 times a day "Ignore this cert error" because
>>>>  everyone uses crappy certs, the TLS model will be useless.
>>>>
>>>>  Willy



-- 
-----
http://www.healthintersections.com.au /
grahame@healthintersections.com.au / +61 411 867 065
Received on Thursday, 14 November 2013 00:25:48 UTC
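The thread turns on one mechanism: an intercepting proxy only works because a non-public root has been added to the device's trust store, so the re-signed chain validates. The check below is an added illustration, not code from the thread or any product it mentions; it flags a chain whose root is not in a public-root baseline and audits a trust store for extra roots. Names and DER bytes are constructed stand-ins (real use would feed DER from `getpeercert(binary_form=True)` and a real root baseline).

```python
import hashlib
from typing import List, NamedTuple, Set


class Cert(NamedTuple):
    subject: str
    issuer: str
    der: bytes  # DER encoding; values below are constructed placeholders, not real certificates


def fingerprint(cert: Cert) -> str:
    """SHA-256 over the DER bytes, the usual key for pinning or allow-listing a root."""
    return hashlib.sha256(cert.der).hexdigest()


def chain_root(chain: List[Cert]) -> Cert:
    """Return the self-signed certificate that anchors a leaf-first chain."""
    for cert in chain:
        if cert.subject == cert.issuer:
            return cert
    raise ValueError("chain has no self-signed root")


def is_intercepted(chain: List[Cert], public_roots: Set[str]) -> bool:
    """True when the chain ends in a root outside the public baseline,
    i.e. the kind of locally installed root an intercepting proxy relies on."""
    return fingerprint(chain_root(chain)) not in public_roots


def extra_roots(store: List[Cert], public_roots: Set[str]) -> List[str]:
    """Audit a device trust store: subjects of roots not in the public baseline."""
    return [c.subject for c in store if fingerprint(c) not in public_roots]


# Constructed sample data (hypothetical names, placeholder DER bytes).
PUBLIC_ROOT = Cert("Example Public Root CA", "Example Public Root CA", b"public-root")
PROXY_ROOT = Cert("Corp Proxy Root", "Corp Proxy Root", b"corp-proxy-root")
PUBLIC_ROOTS = {fingerprint(PUBLIC_ROOT)}

# Chain seen when talking to the origin directly, and the re-signed chain a proxy presents.
DIRECT_CHAIN = [Cert("www.example.com", "Example Public Root CA", b"leaf-1"), PUBLIC_ROOT]
INTERCEPTED_CHAIN = [Cert("www.example.com", "Corp Proxy Root", b"leaf-2"), PROXY_ROOT]
# A trust store to which the proxy root has been added.
DEVICE_STORE = [PUBLIC_ROOT, PROXY_ROOT]

if __name__ == "__main__":
    print("direct chain intercepted:", is_intercepted(DIRECT_CHAIN, PUBLIC_ROOTS))
    print("proxy chain intercepted:", is_intercepted(INTERCEPTED_CHAIN, PUBLIC_ROOTS))
    print("extra roots in store:", extra_roots(DEVICE_STORE, PUBLIC_ROOTS))
```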
