- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Tue, 03 Apr 2012 03:12:58 +0100
- To: "Adrien W. de Croy" <adrien@qbik.com>
- CC: Robert Collins <robertc@squid-cache.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 04/03/2012 02:55 AM, Adrien W. de Croy wrote: > > ------ Original Message ------ > From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie> >> >> >> On 04/03/2012 12:22 AM, Robert Collins wrote: >>> This seems rather timely: >>> http://www.telegraph.co.uk/technology/news/9179087/Internet-activity-to-be-monitored-under-new-laws.html >>> >> >> And not timely but relevant: >> http://tools.ietf.org/html/rfc2804 > > > OK, thanks for pointing that out. > > We are at a slightly different juncture than we were in 2000. Sure. > > It seems to me, the issue of mandatory SSL is far from put to rest. > > In relation to RFC2804, it's one thing to take a position of not taking > a position, which is fine and completely reasonable. > > It's another to promote a protocol that explicitly goes against the > wishes of governments, and therefore creates problems for implementors, > potentially criminalises users and implementors. Thats doesn't equate to > not taking a position. I think you're missing some context. In ~1999 the US government exerted serious pressure to get the IETF to add a law enforcement field to protocols that'd allow for key escrow. After an extended debate involving many, many IETF folks, we said no. That was explicitly going against the government of the country from which most IETF participants originate. IMO this doesn't speak to whether or not to mandate use of TLS, but rather is only really relevant to the MITM-like features discussed recently here, and maybe only when considering government actions. S > > Even if we put wiretapping issues aside, there are plenty of other > reasons why it's IMO unfeasible to make SSL/TLS mandatory, and these > relate mainly to administrative, security, and infrastructural issues. > We simply are not at a place where deployment of SSL certificates beyond > the realms of technically proficient operators is feasible to support. > > We don't have a viable deployable alternative to certificates. > Shared-secret is not viable for the web at large. > > We are also not at a place where we've solved the issues relating to > certificate verification. OCSP servers are a highly central point of > failure (with enormous consequences) and go down. > We didn't even touch on deployability of TLS/SSL into tiny footprints, > or the non-zero costs in terms of latency and CPU / RAM at various > points in the network. > Arguments about users right for privacy are political arguments, and > fall afoul of RFC 2804 on the other side. > > Corporates also have a right and an increasing requirement to know what > their resources are being used for. This requirement is getting stronger > not weaker, as countries around the world roll out laws around internet > copyright abuse. For instance in NZ, there's a 3 strike system now, with > large fines etc. Companies need to be able to protect themselves from > liability for their users' actions. > > I don't really have much more on the topic of mandatory-to-use SSL. In > the end, if that's where the specs go, we are just escalating the arms > race, which simply incurs cost on the users of these protocols, for > which history may not thank us. We'll just have all the pain of everyone > having to deploy SSL, and we'll get MITM as well. > Cheers > Adrien > > >> >> S >>> -Rob >>> >> > > >
Received on Tuesday, 3 April 2012 02:13:25 UTC