W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Moving forward on improving HTTP's security

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Thu, 14 Nov 2013 12:04:56 +0100
Message-ID: <aa710ff51586f2cb3832c193f406598d.squirrel@arekh.dyndns.org>
To: "Willy Tarreau" <w@1wt.eu>
Cc: "William Chan (?????????)" <willchan@chromium.org>, "Adrien de Croy" <adrien@qbik.com>, "Stephen Farrell" <stephen.farrell@cs.tcd.ie>, "Mike Belshe" <mike@belshe.com>, "Tao Effect" <contact@taoeffect.com>, "Tim Bray" <tbray@textuality.com>, "James M Snell" <jasnell@gmail.com>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>

Le Jeu 14 novembre 2013 02:09, Willy Tarreau a écrit :
> Eg:
> there are many valid use cases for MITM right now and when you're asked to
> design this and you have some consideration for privacy and security,
> you'll
> probably try to educate the customer to only route the connections with
> certain SNIs to the MITM proxies and not the rest (just an example).

Actually you're pretty much forced to whitelist the SNIs that re not to be
MITM-ed today, because big operators and cloud platforms trivially defeat
any attempt at lightweight control by consolidating very diverse services
on the same SNIs. So operators with clearly defined SNIs that can let be
passed safely are becoming the exception not the norm.

I fact cloud platforms have become such a hodgepodge or safe and unsafe
elements right now I'm firmly convinced that even if it was an acceptable
risk to let their content pass without inspection for malware, giving up
the routing information (to at least try to filter the most objectionnable
parts) is becoming completely unrealistic. And TLS as it stands today does
not permit this short of going to full breakage.

-- 
Nicolas Mailhot
Received on Thursday, 14 November 2013 11:05:26 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC