- From: Roberto Peon <grmocg@gmail.com>
- Date: Wed, 18 Jul 2012 10:40:58 -0700
- To: Patrick McManus <pmcmanus@mozilla.com>
- Cc: Paul Hoffman <paul.hoffman@gmail.com>, Phillip Hallam-Baker <hallam@gmail.com>, grahame@healthintersections.com.au, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Mike Belshe <mike@belshe.com>
- Message-ID: <CAP+FsNcqwewKZkSMPxPrOjA0c9C8Jqr1F-S71TxAOYArBjLh9Q@mail.gmail.com>
As a reminder, I submitted an ID w.r.t. TLS proxies and MITM. The key idea in it, ignoring the technical stuff, is that either party (client, server) has or should have some decisions to make about what the proxies are allowed to do, and thus their own behavior when dealing with them. The proxy always had the power to restrict and control things which flow through it. Always will. -=R On Jul 18, 2012 6:09 AM, "Patrick McManus" <pmcmanus@mozilla.com> wrote: > On Tue, 2012-07-17 at 19:30 -0700, Mike Belshe wrote: > > > Mandating SSL is a simple step we can take which solves most of the > > eavesdropping problem right now. But more importantly, it poises us > > to address the next set of security issues, including CA/verification > > problems, distribution of video over ssl, handshake latency, etc. > > Until we start trying to be secure, of course we'll never be secure. > > +1.. especially on improving the PKI. > > also - When TLS is optional, as in HTTP/1, that means the decision is > made by the server and concerns about the users privacy are controlled > by that side of the transaction. Because it is sometimes more convenient > for the machines to go with plaintext, the user effectively loses choice > and walks smack into the eavesdropping problem. There is no data > transfer that is really public information. [*] > > Web transport needs to favor the confidentiality of humans over > convenience of the machines. Even if humans are a cost center. > > To the extent that there are non-human use cases for HTTP (definitely!) > that are unable to support this (I'm skeptical they are significant) > they can run a different protocol (e.g. COAP). The human web > requirements have to be met as the most important constituency and that > means increasing transport security. > > It hasn't been stated in a while, and its a constant source of confusion > when discussing this topic, but the TLS requirement does not mandate end > to end TLS by tunneling through proxies in the way we currently do. A > mechanism for knowingly interacting with MITM intermediaries is a > necessary work item (discovery, opt-in, etc..) . If you're going to > argue about legally necessary MITMs this is answer to that. > > -Patrick > > [*] Imagine a giant LCD board over your front door announcing that days > browsing habits.. all of this stuff happens in plain text today: > + shopped for burner cell phone > + bing search "domestic violence help" > + weather in springfield this weekend (you told everyone you were going > to westville) > + how to organize a union > + obsessively read huffpo.com - you work for the GOP county > commisioner. (or reverse it with drudge and the Dems.. doesn't matter). > + watched 3 hours of porn > + left an anonymous comment on the local newspaper that said "blah > blah" > > People shouldn't have to expect that everything they click on will be > public information. Time to raise the bar. HTTP/2 has an opportunity to > improve the overall speed of the web while at the same time enhancing > privacy - that's the right mix. > > > >
Received on Wednesday, 18 July 2012 17:41:27 UTC