W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Adrien de Croy <adrien@qbik.com>
Date: Thu, 03 Dec 2015 21:10:22 +0000
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, "Robert Collins" <robertc@robertcollins.net>
Cc: "HTTP Working Group" <ietf-http-wg@w3.org>, "Cory Benfield" <cory@lukasa.co.uk>, "Jacob Appelbaum" <jacob@appelbaum.net>, "Mike Belshe" <mike@belshe.com>, "Poul-Henning Kamp" <phk@phk.freebsd.dk>, "Amos Jeffries" <squid3@treenet.co.nz>
Message-Id: <em14cbc6ff-8e63-4131-abd1-95a0c837ba9f@bodybag>

actually we may be saved in the end by human reluctance to spend money.

all those tens of millions of sites aren't going to want to buy an X.509 

So they will stay with http/1.1 - all hail the failure of http/2

If Chrome decides to muscle people into encrypting their sites, e.g. by 
blocking or deterring unencrypted sites in the browser, maybe that will 
be Chrome's version of IE's "Internet Enhanced Security" feature which 
killed IE, and people will get sick of the nags and go to another 

------ Original Message ------
From: "Willy Tarreau" <w@1wt.eu>
To: "Robert Collins" <robertc@robertcollins.net>
Cc: "HTTP Working Group" <ietf-http-wg@w3.org>; "Cory Benfield" 
<cory@lukasa.co.uk>; "Jacob Appelbaum" <jacob@appelbaum.net>; "Mike 
Belshe" <mike@belshe.com>; "Poul-Henning Kamp" <phk@phk.freebsd.dk>; 
"Amos Jeffries" <squid3@treenet.co.nz>
Sent: 4/12/2015 8:06:49 a.m.
Subject: Re: SSL/TLS everywhere fail

>On Fri, Dec 04, 2015 at 07:32:39AM +1300, Robert Collins wrote:
>>  On 4 December 2015 at 07:05, Willy Tarreau <w@1wt.eu> wrote:
>>  > If you're pushing
>>  > for more TLS, you're just pushing for more surveillance. That's a 
>>  > and it has been proven by this news article. The push for TLS 
>>  > has at least broken all Khazak's privacy.
>>  The government mandated visible inspection of traffic that they can't
>>  otherwise see *because* we've improved the baseline.
>That's exactly what we've been warning against for years. And not that
>it's not "they cant' otherwise see" but "they're targetting the easiest
>and cheapest way". In France if you want to see people's 
>you first declare them terrorist and then you confiscate their PC, you
>claim the data are encrypted, you ask for the key and if they refuse or
>try to explain that there's no encryption, you put them in jail until
>they change their mind (or they try to invent whatever they can if 
>was really no encryption). And people applaud because one more 
>got arrested. I'm pretty sure it's the same in many other countries 
>don't spend money cracking all SSL communications.
>>  It makes the
>>  intrusion visible but it in now way changes the privacy that users in
>>  Khazakhstan experience: their plaintext traffic is certainly already
>>  compromised all the time.
>Did it ever come to your mind that it was possible that these people
>didn't care a dime about their clear text traffic being seen by their
>government, neighbors, coworkers, ISPs and whatever ? Most people
>nowadays fear the *endpoint*. The big company on the other side knowing
>everything about your life and suggesting when you should take your bus
>before you even thought you could take a bus. You know, when you 
>a google search and you see a very small and discrete icon on the top 
>showing your name and you say "ah shit, I just fed their base again", 
>to log out.
>>  > I predict that in less than 10 years we'll all be using 
>>  > TLS because everyone will legally crack it along the way. What a 
>>  > internet it will be! It used to be limited for *certain* activities
>>  > only, making it uninteresting to crack most of the time.
>>  So when we make it infeasible to crack in a stealth fashion,
>How do you as a user make the difference between the end point and the
>MITM when technically they are the same devices implementing the same
>protocols and the same keys ?
>>  As for whether the bulk of internet users want privacy: I haven't met
>>  a single non-internet-technicalities-savvy person who didn't express
>>  immense surprise at the idea that their normal browsing would be
>>  visible to *anyone* other than the site they were browsing on.
>That's exactly why some of us have said that education is more 
>than false security. I've heard the media tell people for years that
>without the small lock on their browser, everyone could sniff their
>exchanges. But ISPs have been selling WiFi routers with default configs
>and cleartext setups without telling anything. Then they have claimed
>that WPA was secure. Etc. People trust what we tell them. Let's be
>clear about the real risks and the real solutions.
>>  I will happily admit that savvy users can choose to make a tradeoff,
>>  but non-savvy users take time to become savvy, and we've 7 billion
>>  people's needs to balance out. Is it less harmful to:
>>   - expose everything and then opt into security once you've learnt
>>  enough about the architecture of the internet to understand whats
>>  going on
>How are the weather forecast or traffic jams considered "exposed"
>when they're delivered for the widest possible public consumption ?
>>   - protect everything and then opt into publicity once you've learn
>>  enough about the arch...
>Except that by protecting everything you immediately trigger the
>"unprotect everything" weapon in the other camp.
>It used to be the exact same with company proxies. Most companies
>just want to have web-based anti-virus not to have to reinstall
>their PCs all the time. They don't care about what you're doing on
>the net because they made you sign a chart where you accept the
>responsibilities for your actions. It used to work pretty well,
>anti-virus software was able to analyse blogs and whatever. The
>few tens to hundreds of sites requiring SSL were just whitelisted
>after being validated by the admin as looking like "serious sites".
>With TLS everywhere, these companies are forced to act as an MITM
>to still enforce their anti-virus. Is it a problem for them ?
>Absolutely not. Are the users at risk ? Absolutely. Because of this,
>dumb admins which didn't have access to the encrypted traffic at all
>now can see it in logs and sometimes even contents. They can snarf
>it just for fun on a boring day. But doing this on certain 
>is a really bad thing. And this was made possible by blind excess of
>Why do you think laws can pass to mandate decryption ? That's simple,
>people don't fight because they don't care for their contents! But
>you forced them to accept their few sensitive communications to be
>decrypted in the process. They probably don't feel happy but they'll
>trust their governments not to act badly because most of them consider
>they have nothing to hide.
>In France we had "hadopi" years ago, it mandated that ISPs sniff 
>and report certain activities. Did people go down in the streets 
>of this ? certainly not. If next year the government provides a 
>certificate to decrypt everything and enforces it on ISPs, just like
>last time, they will complain about the deployment cost but that will 
>the only real reaction.
>>  The principle of least surprise suggests that protecting everything
>>  and opting into publicity is better.
>In theory I absolutely agree, except that you're not protecting against
>random things but living beings which are smart and react to your 
>That completely changes things. When you build protections against
>earthquakes it's nice because the earth doesn't try to attack you. 
>this against people who have many ways to get your data is just a way 
>ensure their will use the next level of weapon to reach their goal.
>Sometimes it's fun to feel stronger than the rest of the world, but it
>can also come with great desillusions...
Received on Thursday, 3 December 2015 21:10:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC