W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Robert Collins <robertc@robertcollins.net>
Date: Fri, 4 Dec 2015 07:32:39 +1300
Message-ID: <CAJ3HoZ0ujqmsPbJWLAs4dYzoXpUmTSonJ-qfkuxep++G6J2UDw@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>
Cc: Cory Benfield <cory@lukasa.co.uk>, Jacob Appelbaum <jacob@appelbaum.net>, Mike Belshe <mike@belshe.com>, Poul-Henning Kamp <phk@phk.freebsd.dk>, Amos Jeffries <squid3@treenet.co.nz>
On 4 December 2015 at 07:05, Willy Tarreau <w@1wt.eu> wrote:
> On Thu, Dec 03, 2015 at 05:35:51PM +0000, Cory Benfield wrote:
>> >> Go go go http2 and mandatory SSL everywhere.  Next step - eliminate MITM.
>> >> We haven't done that well yet, but its coming.
>> >
>> > TLS, please. :-)
>> >
>> > All the best,
>> > Jacob
>> >
>> I could not agree more with Jacob if I tried. Well said.
> Guys I think you didn't read well. What was reported is that a government
> *officially* enforced the need to legally break TLS.

Just like the US government has done, and the 5 eyes network, and
others, have done stealthily for well over a decade.

> If you're pushing
> for more TLS, you're just pushing for more surveillance. That's a fact
> and it has been proven by this news article. The push for TLS everywhere
> has at least broken all Khazak's privacy.

The government mandated visible inspection of traffic that they can't
otherwise see *because* we've improved the baseline. It makes the
intrusion visible but it in now way changes the privacy that users in
Khazakhstan experience: their plaintext traffic is certainly already
compromised all the time.

> I predict that in less than 10 years we'll all be using point-to-point
> TLS because everyone will legally crack it along the way. What a great
> internet it will be! It used to be limited for *certain* activities
> only, making it uninteresting to crack most of the time.

So when we make it infeasible to crack in a stealth fashion, and
attacks are visible to the populace, folk can decide if they are
willing to live in a panopticon, or if they want to strike down these
bad laws.

Complaining that the panopticon is becoming *visible* doesn't make sense to me.

As for whether the bulk of internet users want privacy: I haven't met
a single non-internet-technicalities-savvy person who didn't express
immense surprise at the idea that their normal browsing would be
visible to *anyone* other than the site they were browsing on.

I will happily admit that savvy users can choose to make a tradeoff,
but non-savvy users take time to become savvy, and we've 7 billion
people's needs to balance out. Is it less harmful to:

 - expose everything and then opt into security once you've learnt
enough about the architecture of the internet to understand whats
going on
 - protect everything and then opt into publicity once you've learn
enough about the arch...

The principle of least surprise suggests that protecting everything
and opting into publicity is better.


Robert Collins <rbtcollins@hp.com>
Distinguished Technologist
HP Converged Cloud
Received on Thursday, 3 December 2015 18:33:09 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC