HTTP without being HTTPS all the time from Nicolas Mailhot on 2012-07-19 (ietf-http-wg@w3.org from July to September 2012)

From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Date: Thu, 19 Jul 2012 21:27:59 +0200
To: "Mike Belshe" <mike@belshe.com>
Cc: "httpbis mailing list" <ietf-http-wg@w3.org>
Message-ID: <7a85396324d7873b239640aa97348853.squirrel@arekh.dyndns.org>

> Read this article
> and then ask yourself if that is really true.

> http://www.imperialviolet.org/2012/07/19/hope9talk.html

> Mixed modes of sometimes-secure-and-sometimes-not-secure open a slew of
> attacks that are only solved if you're all TLS all the time. If someone
> has a better solution, let me know; I don't know of one.

Sadly that only shows you didn't understand (or chose to misunderstand)
the article.

What this article actually says is that:
1. in-clear transmission without integrity checks is dangerous (that's a
signing property, not a tls property)
2. TLS offers dubious security as it posits users can identify trusted
certificates but “Asking regular people to evaluate the validity of X.509
certificates is insane.” (and asking anyone else to do it is putting their
security in third-party hands)
3. as soon a you start sourcing elements from third-parties or secondary
web sites (regardless if it's in-clear or over tls) your trust model is
essentially gone. The only difference between in-clear and tls sourcing is
that in one case anyone can mess up with your site, and in the other the
breakage is limited to whoever has control of those third-parties. Which
quite often is not saying much (but ma, it is sooo convenient to source
foreign content)

No amount of certificate or tls slapping is going to make something like a
planet that federates dozens of blogs, all running on their own (possibly
rooted) blog platform, and referencing material from countless other
sites, remotely trustable. And that's just an extreme case. Use Firefox
with requestpolicy in anal mode a few days and see how few sites render
properly by default nowadays.

The only situation where TLS makes things “safe” (for dubious values of
safe) is when everything on a web site is provided by a single entity,
over a single certificate the user is used to and can easily recognize,
which happens mostly on big-brother-is-watching-you walled-garden sites
ran by a few web heavyweights (in close cooperation with whatever state
they happen to be head-quartered in) or on very specialized web sites such
as banks (but even banks are foolish enough to mashup their web sites
nowadays. We may trust them but should we trust their advertising or
geolocation partners?)

-- 
Nicolas Mailhot

Received on Thursday, 19 July 2012 19:28:42 UTC