W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Sun, 06 Dec 2015 16:58:35 +0000
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
cc: Jacob Appelbaum <jacob@appelbaum.net>, Mark Nottingham <mnot@mnot.net>, Cory Benfield <cory@lukasa.co.uk>, Adrien de Croy <adrien@qbik.com>, Mike Belshe <mike@belshe.com>, Amos Jeffries <squid3@treenet.co.nz>, httpbis mailing list <ietf-http-wg@w3.org>
Message-ID: <88647.1449421115@critter.freebsd.dk>
In message <56643997.7040903@cs.tcd.ie>, Stephen Farrell writes:

>On 06/12/15 10:58, Poul-Henning Kamp wrote:
>> 1)  If you *really* have something to hide, you should focus on
>>     protecting your metadata.
>The use of the singular "you" a number of times reflects a very
>1980's view of the Internet - today a person who may or may not
>have something to hide does not (in 99.99% of cases) have the
>expertise to know what is involved in that and in many cases does
>not even know what it is that may be worthwhile hiding.
>We (in the IETF) need to develop protocols that work well in this
>kind of situation.

In *some* of this kind of situations.

In the heavy-duty cases, such as Human Rights activists in a hostile
country, the fact *that* they communicate is the primary metadata
signal they want to attenuate.  IETF is no help there.

>BCP61 is one expression of that - strong security needs to be
>available everywhere for us to do a good job.

The Danvers Doctrine is politically naïve.

It doesn't recognize the authority of nation states and their
right to organize their internal affairs as they wish.

It doesn't acknowledge the existence of police forces and courts
as means to redress wrongs.

It doesn't even try to reference UNs Human Rights as a figleaf.

Consequently the Danvers Doctrine is an unconditional declaration
of war, against any kind of legal communication intercept, and
therefore it will never be able to collect the signature of a
single minister of justice, nor get endorsed by any legislature.

The Danvers Doctine leaves only two options for legislatures:

A) Do nothing, and see organized crime become impossible to investigate

B) Force all communication open with laws.

You don't need to follow the news very often to notice that no
politician near power in any state is arguing for option A.

The discussion is only about *how* 'B' will be implemented,
key-escrow, MiTM, backdoors and so on.

All of those options are stupid.

Stupid seen from politicians point of view, and (incredibly) stupid
seen from our point of view.

But those are the only options on the table, and since IETF and the
Danvers Doctrine offers no non-stupid options, stupid it will be.

>That's another divergence, BCP188 represents the IETF consensus to
>work against PM, and it is abundantly clear that PM and many other
>security and privacy threats benefit from use of cleartext HTTP
>via tracking and via enabling the potential for injection of various
>kinds. That the same is recognised for other protocols used in the
>web is confirmed by RFC7626.

I don't know a single mentally competent person (in the legal sense)
who do not understand the distinction between things you do in
public space and things you do in private space.

BCP188, with the same unshakeable conviction as a 5th grade student
councils declaration to "end hunger in all the world", declares
that "There SHALL be no public space at all".

Until IETF stuffs ALL traffic through a Tor like construct,
there will be a public space that can be PM'ed.

The biggest problem in PM is reducing data, and NSA is grossly
incompetent if they expend a single bit of storage more if I read
washington post with HTTPS than with HTTP.

BCP188 probably made IETF-nerds feel good, but even if it manages
to encrypt 100% of the traffic on the net, it is not going to make
any positive difference in privacy for 95% of the traffic.

However it would certainly force legislatures to break the crypto open.

>More and more I think we are learning that services such as
>selective field confidentiality (which have always been very hard
>to engineer) are in fact quite possibly damaging, [...]

Leaving your enemy with only the two options of "surrender" and
"start nuclear war" is in fact quite possibly damaging.

It is totally stupid when your strongest weapon, publishing text-files,
is up against enemies who can legislate, has taxing authority and
controls the police-force.

If the IETF wants to be taken seriously, it MUST acknowledge the
legitimate existence of UN, nation states, legislatures and court
orders demasking communication.

As long as IETF exists in the vacuum of its own political ignorance
it will be part of the problem rather than part of the solution.


Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Sunday, 6 December 2015 16:59:05 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC