- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Fri, 13 Jul 2012 22:05:18 +0000
- To: "HAYASHI, Tatsuya" <lef.mutualauth@gmail.com>
- cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Brian Pane <brianp@brianp.net>
In message <CAGipQFk4dCEAhsoc5Cv7ZKNine__rG65kGc7tX8FRXnUjnCSTQ@mail.gmail.com>, "HAYASHI, Tatsuya" writes:

>Do you have any opinion about this?

Not really at this point, but given a chance to think about it I'm sure that both I and many others will have.

In my ideal world, we would start by spending some months deciding what services HTTP/2.0 should actually provide, and try to find the best, small, easy to understand set of primitives that do that.

That may be a good deal trickier than people think.

For instance the fact that several major web-commerce sites prominently display stuff like:

    Hello Poul-Henning (Not Poul-Henning ? Press Here)

clearly indicates how broken the current protection crap really is...

The protection issues are particularly thorny because many people think they can enforce their political agendas using protocol design and specifications, as exemplified in the "end-to-end privacy" wars.

The only thing you get if you try to do that, is that people will make workarounds for the "banned" practices, such as wild-card certificates for legally mandated interception, and cookies as session-hacks and so on.

A much better strategy is to make these practices possible and detectable, so that the users know when they are subject to them.

If I should give a first cut on the protection primitives I would expect from HTTP/2.0 it would be:

* Get other end's proffered proof of identity (aka: its certificate)
* Request privacy protected session/channel
* Identify first privacy endpoint
  Ie: do we have end to end privacy, and if not, who is the first entity I must trust ?
  Amongst perfectly valid and reasonable answers:
    The corporate firewall.
    The prison's legal intercept.
    The country's censorship institution.

But I am sure that there are people better than me to perform that analysis, and I really wish the WG would engage some of them, rather than rush headlong into protocol redesign...
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 13 July 2012 22:05:41 UTC