Re: http+aes from Yngve Nysaeter Pettersen on 2012-03-05 (ietf-http-wg@w3.org from January to March 2012)

From: Yngve Nysaeter Pettersen <yngve@opera.com>
Date: Mon, 05 Mar 2012 13:51:03 +0100
To: URI <uri@w3.org>, "HTTP Working Group" <ietf-http-wg@w3.org>
Message-ID: <op.wao7bdvpvqd7e2@damia.oslo.osa>

On Mon, 05 Mar 2012 11:21:06 +0100, Julian Reschke <julian.reschke@gmx.de>  
wrote:

> FYI:
>
> 	http://dev.w3.org/html5/spec/Overview.html#http-aes-scheme

This definition (and the HTTPS+AES one) leaves a lot to be desired, IMO

* What are the use cases?

* Why is it better than using HTTPS? If the URL is sent over HTTPS you  
will very likely already have at least one persistent HTTP connection open  
to the server (assuming it is the same server) so establishing a new  
connection (same or different server) for this request is not going to  
increase performance. Even if no connections are open, for a properly  
configured server, reestablishing a SSL/TLS session is not going to take  
much longer (one extra roundtrip) and the entire request and response will  
be protected.

* What is the keymaterial? If the userinfo is the key, how is it encoded?  
Base64, hex, calculated (how?), or other format, and if so, where is the  
CTR nonce encoded? If userinfo is not the key, how is the userinfo used to  
obtain the the encryption key, and how is that information secured?

* If the keymaterial is intended for long-term usage by a single user,  
depending on storage methods, how is the keymaterial info migrated  
securely to a new client, either for parallel use in multiple clients, or  
system recovery?

* Given that this is probably going to be MITM vulnerable when used over  
plain HTTP, what should the client do if the URL is provided over HTTP (or  
included by reference in a document loaded over HTTP)? Refuse to perform  
the request, or go ahead anyway?

* How does this interact with other ongoing specification work, such as  
the Javascript Crypto APIs?

* How will this interact with clients that does not understand the URL  
scheme? It is quite possible that they will display the userinfo in the  
addressbar or the resulting error messages.

-- 
Sincerely,
Yngve N. Pettersen
********************************************************************
Senior Developer		     Email: yngve@opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 23 69 32 60              Fax:    +47 23 69 24 01
********************************************************************

Received on Monday, 5 March 2012 12:51:39 UTC