Re: Response to HTTP2 expresions of interest from Poul-Henning Kamp on 2012-07-13 (ietf-http-wg@w3.org from July to September 2012)

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Fri, 13 Jul 2012 18:21:30 +0000
To: James M Snell <jasnell@gmail.com>
cc: Tim Bray <tbray@textuality.com>, Phillip Hallam-Baker <hallam@gmail.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <45484.1342203690@critter.freebsd.dk>

In message <CABP7RbcVOEfnzg1A+x8NsOu+Gp2OtnHnVvWmLyQUM+QUMLNsUw@mail.gmail.com>
, James M Snell writes:

>Definitely a tricky thing here because of the competing interests and
>requirements at play. Transport-layer secure provides the necessary
>protection against snoopers but makes the efficient routing and
>handling of the communication via intermediaries far more difficult.

I still don't agree.

The envelope is where you write who you want your adversary to think
you are communicating with.

This may or may not be who you actually are communicating with.

TLS communication today already have an envelope consisting of
IP# + TCP port numbers, and unless your adversary is totally
incompetent, he also has the DNS lookup that gave you that IP#.

QED: Putting the "Host:" in the HTTP envelope does not leak any
information your adversary doesn't already have or can guess.

Even if we stopped here, it would be a major benefit over TLS
in terms of enabling websites to roll out protection for their
customers.

To make it better, we need to add a session identifier, but today
we pretend HTTP is stateless so we don't have one (so people
hack it with cookies).

Finally, to do what people do today we would need to include the
URI, but that is by far the most troublesome of the three fields.

I belive, but it should be seriously investigated, that if we add
a session-concept to HTTP2, the envelope would just need to be Host:
+ session-nonce.

In difference from TLS, that would allow us to mix protected and
unprotected traffic on the same TCP connection, thus avoiding
the extra TCP for protection upgrade, and making life much
easier and efficient for proxies.

It also means that you do not need to put your certificate on
the HTTP router/load-balancer, but can put it on the specific
webservers which host the protected stuff.

SSL/TLS was a quick hack to protect HTTP, one of the far too
many quick hacks in HTTP world.  We should try to eliminate
them.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Friday, 13 July 2012 18:21:53 UTC