- From: Patrick McManus <pmcmanus@mozilla.com>
- Date: Wed, 18 Jul 2012 09:06:38 -0400
- To: Mike Belshe <mike@belshe.com>
- Cc: Phillip Hallam-Baker <hallam@gmail.com>, Paul Hoffman <paul.hoffman@gmail.com>, grahame@healthintersections.com.au, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Tue, 2012-07-17 at 19:30 -0700, Mike Belshe wrote:

> Mandating SSL is a simple step we can take which solves most of the
> eavesdropping problem right now. But more importantly, it poises us
> to address the next set of security issues, including CA/verification
> problems, distribution of video over ssl, handshake latency, etc.
> Until we start trying to be secure, of course we'll never be secure.

+1.. especially on improving the PKI.

also - When TLS is optional, as in HTTP/1, that means the decision is made by the server and concerns about the user's privacy are controlled by that side of the transaction. Because it is sometimes more convenient for the machines to go with plaintext, the user effectively loses choice and walks smack into the eavesdropping problem.

There is no data transfer that is really public information. [*]

Web transport needs to favor the confidentiality of humans over convenience of the machines. Even if humans are a cost center.

To the extent that there are non-human use cases for HTTP (definitely!) that are unable to support this (I'm skeptical they are significant) they can run a different protocol (e.g. COAP). The human web requirements have to be met as the most important constituency and that means increasing transport security.

It hasn't been stated in a while, and it's a constant source of confusion when discussing this topic, but the TLS requirement does not mandate end to end TLS by tunneling through proxies in the way we currently do. A mechanism for knowingly interacting with MITM intermediaries is a necessary work item (discovery, opt-in, etc..). If you're going to argue about legally necessary MITMs this is the answer to that.

-Patrick

[*] Imagine a giant LCD board over your front door announcing that day's browsing habits.. all of this stuff happens in plain text today:

+ shopped for burner cell phone
+ bing search "domestic violence help"
+ weather in springfield this weekend (you told everyone you were going to westville)
+ how to organize a union
+ obsessively read huffpo.com - you work for the GOP county commissioner. (or reverse it with drudge and the Dems.. doesn't matter).
+ watched 3 hours of porn
+ left an anonymous comment on the local newspaper that said "blah blah"

People shouldn't have to expect that everything they click on will be public information. Time to raise the bar. HTTP/2 has an opportunity to improve the overall speed of the web while at the same time enhancing privacy - that's the right mix.

Received on Wednesday, 18 July 2012 13:07:22 UTC