
Re: HTTP/2 - Unintended consequences of pseudo-mandatory TLS

From: Willy Tarreau <w@1wt.eu>
Date: Sun, 13 Mar 2016 23:41:04 +0100
To: Phil Lello <phil@dunlop-lello.uk>
Cc: ietf-http-wg@w3.org
Message-ID: <20160313224104.GA7960@1wt.eu>

Hi Phil,

On Sun, Mar 13, 2016 at 08:17:54PM +0000, Phil Lello wrote:
> Dear all,
> 
> Whilst I'm not certain that this is the right forum to address browser
> support for h2c / non-TLS HTTP/2, I'd like to state my concerns over the de
> facto requirement for TLS.
> 
> Whilst the aims of the "SSL everywhere" movement seem reasonable, I'm
> unconvinced. I'm concerned that in practice, it will make the web less
> secure whilst creating the illusion of security.
> 
> In many parts of the western world, bandwidth exists in sufficient
> quantities for local caching to be overlooked as a concern, but it certainly
> isn't universal - indeed, reliable connectivity is an issue in some
> locations, and a caching proxy is an appealing solution.
> 
> TLS proxies already exist that can be used to mitigate this, provided
> someone is willing to install a root CA to accept re-signed content. Some
> corporate desktops do this as part of a standard build. Forcing TLS on web
> users will encourage this practice.
> 
> There will also be cases where in lieu of installing a root CA, users will
> become accustomed to accepting self-signed or suspicious certificates,
> potentially to a level where it becomes automatic even for sites that
> really shouldn't have this issue.
> 
> There's a psychological impact to churning out the message that "this site
> is secure" - it predisposes users to think that if they can see a secure
> padlock/green tick/whatever then they don't need to concern themselves with
> what information they're sharing, and why - legitimate sites can be hacked,
> less reputable ones can get SSL certificates, and if there isn't at least
> one intelligence agency or organised crime cartel that has a copy of a real
> root CA cert, then I'm a teapot.

That's what I've been saying as well during these discussions about TLS vs
non-TLS. I must say that I don't trust a TLS connection anymore from a
browser that I have not installed myself; TLS decryption is fairly common
nowadays, and the user no longer has any choice but to accept the security
he's being offered.

And considering that some mobile phone operators are selling smartphones,
I'd be curious to know whether or not these phones are preloaded with extra
certs...

Regards,
Willy
Received on Sunday, 13 March 2016 22:41:30 UTC
