W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Moving forward on improving HTTP's security

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Fri, 15 Nov 2013 10:12:30 +1300
To: ietf-http-wg@w3.org
Message-ID: <cbd078b98365f29f7aa3d1a7ad236d45@treenet.co.nz>
On 2013-11-15 09:41, Roberto Peon wrote:
> Well, in such cases you may be screwed and should use a device that has
> such, else you have an insurmountable trust root problem.


You do realise that a huge population in India and Africa are using 
networks that consist solely of wireless AP, cellphone or tablet, right?
Electricity supply in many areas is not reliable enough to even run an 
old fashioned PC.

You just cut off how many people? oh well,


Looking forward, the high-tech countries are already rolling out similar 
sorts of networks. Japan for example is rolling out 
HTTP-over-LED_lightbulb and vehicle manufacturers are rolling out 
vehicle-vehicle wireless communication (via proxies!). Now try locating 
the TLS certificate of the lightbulb nearest you when you get of the 
train ... so that you can simply connect to it.

Whats the population of east asia? oh well,


Then there is that media whipping-post about trends in mobile devices 
replacing other technology.

Cut off them and you have lost a majority of the entire population. Both 
Internet-of-Users and Internet-of-Things with no security.


So, how fast were you going to replace/upgrade every single Internet 
connected device on the planet to support cabled connection with HTTP/2?


non-TLS forms of PKI seem to be working far better in those above 
systems for simultaneous performance and security than HTTPS/TLS can 
offer at its best. The TLS system has edges. Long overdue time to admit 
they are there and work towards supporting the next best thing in HTTP/2 
(or is it really going to be an old thing that got sidelined because TLS 
CA model was "easy" ?).

Amos
Received on Thursday, 14 November 2013 21:12:55 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC