W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: What will incentivize deployment of explicit proxies?

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Tue, 3 Dec 2013 19:39:07 +0100
Message-ID: <f61ae227b4fd811d50a50a9ef42d456c.squirrel@arekh.dyndns.org>
To: "Patrick McManus" <pmcmanus@mozilla.com>
Cc: "William Chan (陈智昌)" <willchan@chromium.org>, "Yoav Nir" <synp71@live.com>, "Roberto Peon" <grmocg@gmail.com>, "HTTP Working Group" <ietf-http-wg@w3.org>

Le Mar 3 décembre 2013 15:49, Patrick McManus a écrit :

> The problem with these explicit MITM proposals is that they also propose
> to
> terminate https:// at the proxy, and that shouldn't happen. Sure lots of
> people are already MITM'd by root cert annotations today - but not
> everybody. I don't want to spread that particular affliction.

That's why I proposed several modes today, so non-critical parts can be
terminated at the proxy (with malware checking) and bank traffic for
example can pass end-to-end

I fear never terminating https at the proxy won't see adoption now that
there is widespread availability of MITM solutions on the market, and web
sites try to encrypt the most trivial traffic. At some point the desire to
protect users' privacy is far outweighed by the risk of malware injection
once http is applied in blanket mode everywhere. The ship already sailed
and by trying to achieve too much https proponents generated strong
pushback

Unlike Willy I do think all is not lost (yet) and operators will accept to
not terminate ssl systematically if the protocol is not an all-or-nothing
choice. For example I'm pretty sure most corporations would accept to only
scan mime types likely to carry malware (js, executables, zip/isos/office
documents) and pass the rest in opaque messages as long as major browsers
and web sites didn't lie about this (and users deploying other web clients
that lied in their user agent would face administrative sanctions). For
non-dangerous mime types "inspection" only cares about checking if the
full url does not belong to a porn/spam/crook/gaming web site, not the
message content.

It's all a balancing act.

Regards,

BTW: great news about the Firefox patchset

-- 
Nicolas Mailhot
Received on Tuesday, 3 December 2013 18:39:42 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC