On Thu, Jul 26, 2012 at 2:01 AM, Poul-Henning Kamp <phk@phk.freebsd.dk>wrote: > In message <CABaLYCtZjfR0S3fz-vt8S6ZPaa05B0e5X+7tWPYb= > 5pZg7kGGA@mail.gmail.com> > , Mike Belshe writes: > > >Actually, TLS is end-to-end encrypted and just an opaque byte stream as > far > >as intermediaries are concerned. I'm not sure what you mean by > hop-by-hop, > >but TLS is not (to me) hop-by-hop. > > TLS is, as far as content is concerned hop-by-hop. > Usage of the broken CA-certificate model for key-material limits TLS > to one hop which connects end to end, but other key-material models > support more hops. > > No - its end to end- those in the middle cannot see the contents. The only ones that can see the content are the client and the origin server. This is the basic building block of e-commerce. You're saying the CA system is so broken that every proxy has access to all TLS traffic, which is provably false. Mike > This is one of the reasons I push the envelope+(metadata+content) > model for HTTP/2.0: You can use TLS to gain privacy for > the envelope on a hop-by-hop basis, while still allowing the > intermediaries to act on that envelope, and while still having > end-to-end privacy on the metadata+content. > > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. >
Received on Thursday, 26 July 2012 17:52:40 UTC