W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: What will incentivize deployment of explicit proxies?

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Thu, 12 Dec 2013 16:14:32 +0000
To: "Nicolas Mailhot" <nicolas.mailhot@laposte.net>
cc: "Salvatore Loreto" <salvatore.loreto@ericsson.com>, "Roberto Peon" <grmocg@gmail.com>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
Message-ID: <84514.1386864872@critter.freebsd.dk>
In message <34ada50c72b7ec498dd9745d59b4c3be.squirrel@arekh.dyndns.org>, "Nicol
as Mailhot" writes:

>That's where e2e integrity comes into play (and as end-user I'd
>like to have it too). Besides that's a major part of reassuring users
>nothing fishy is going on behind their back

And as usual, once you start pulling on a single loose thread, you
find out that it's tied to all the turtles:

What good is e2e integrity, if you don't know who the other 'e' is ?

All you can know without e2e authentication is that you have some
cryptographic property (privacy/integrity/whatever...) all the way
to the node where the (first!) MITM attack is implemented.

Unless you use a Pre Shared Key, there are only three levels of security:

1. Plaintext.

2. Obfuscated to keep trival tcpdump/snort snoopers out of the loop.

3. Authenticated.

If you want more than #2, you need to fix #3, and that I belive is
waaay beyond this WG.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 12 December 2013 16:15:01 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:20 UTC