Re: Mandatory encryption from Phillip Hallam-Baker on 2012-07-18 (ietf-http-wg@w3.org from July to September 2012)

From: Phillip Hallam-Baker <hallam@gmail.com>
Date: Wed, 18 Jul 2012 11:06:52 -0400
To: Eliot Lear <lear@cisco.com>
Cc: Mike Belshe <mike@belshe.com>, Willy Tarreau <w@1wt.eu>, Paul Hoffman <paul.hoffman@gmail.com>, grahame@healthintersections.com.au, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <CAMm+LwgMYUc6npo_TuUX9W6RV5HOizoeAk-EQTQvu4wTW=cnnA@mail.gmail.com>

It isn't just the cost that is an issue.

The ongoing maintenance cost is a real hinderance. Much of the cost in
the CA business turns out to be getting the customer to renew at the
one year expiry point. In many cases the Web site was set up by a
consultant who bought the cert and didn't tell the customer that they
needed to renew it.

The real security requirement here is to avoid a downgrade attack.
Mandating use of TLS in HTTP 2.0 does nothing for that unless there is
also a means of avoiding the downgrade attack to HTTP/1.1

We need to make preventing a downgrade attack practical and if we do
that we do not need the mandate.

Here is an example of the type of mechanism that could make use of
security policy practical:

http://tools.ietf.org/html/draft-hallambaker-omnibroker-01

Now Comodo and Kaspersky are already deploying schemes that have some
of this functionality already. I expect Symantec and McAfee will
eventually follow suit with their own plug ins. So the question is not
whether people will do something like this but whether it will be a
standard or not.

On Wed, Jul 18, 2012 at 9:56 AM, Eliot Lear <lear@cisco.com> wrote:
> Mike,
>
>
> On 7/18/12 8:54 AM, Mike Belshe wrote:
>
> Show me the user that will stand up and say, "Yes, I would like my
> communications to be snoopable and changeable by 3rd parties without my
> knowledge."
>
>
> This is a red herring.  The real argument is around the ability of all web
> servers to get certificates that the browser will  / should trust, or using
> a means of trust that doesn't require certificate chains. The server
> administrator must not be put in a position of having to pay an annual fee
> to avoid the client warning, because that introduces at least a potential
> externality in that the server administrator may not value avoiding the
> warning in the way that you would expect.  Certainly the end user doesn't
> act appropriately against the warning, which is why we're having this
> discussion[1,2][*].
>
> Eliot
>
> [1] Herley, C., “So Long, And No Thanks for the Externalities: The Rational
> Rejection of Security Advice by Users”, NSPW’09, September 8–11, 2009.
> [2] Edelman, S., et al, “You've been warned: an empirical study of the
> effectiveness of web browser phishing warnings”, Proceedings of the
> twenty-sixth annual SIGCHI conference on Human factors in computing systems
> , 2008.
> [*] There are probably dozens of citations in this space.

-- 
Website: http://hallambaker.com/

Received on Wednesday, 18 July 2012 15:07:23 UTC