- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Fri, 11 Jan 2013 20:07:17 +0000
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- CC: Ilya Grigorik <ilya@igvita.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 01/11/2013 07:57 PM, Poul-Henning Kamp wrote: > -------- > In message <50F06B93.6060309@cs.tcd.ie>, Stephen Farrell writes: > >> If someone abuses our protocols (which from reports is what >> seems to have happened here) there's nothing we can do to >> stop them. > > The reason they "abuses your protocol" is that the protocol has Its your protocol as much as mine. We're both IETF participants. > been designed such that it does not support a surprisingly > big class of legitimate usecases. > > Theirs may or may not be legit, but the example clearly > illustrates the security failure you so often see, when > a protocol does not degrade gracefully. > >> We can and are working on ways to allow for better detection >> of such MITM attacks, but that's different. > > Yes, fine, cool. > > But how about allowing for them, for instance where they are mandated > by law ? > > (Pornfilters at schools, inmates communications in high security > prisons. Parental control filters in homes.) Again, feel free to post your I-D that meets whatever laws you prefer to pick from whatever countries you prefer, and that is not trivially insecure. We're not interested you telling us about the laws of course, but only the engineering design. And if you're picking legal things on which to base your design, don't forget to include the right to be forgotten. No point making it too easy for you;-) The problem you have IMO is that you're posing a requirement that's beyond the state of the art at least. (To be able to sensibly mix e2e and hbh security in a very general context.) It might be easy to state the requirement, but that doesn't mean there's a practical solution. S.
Received on Friday, 11 January 2013 20:07:45 UTC