W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2013

Re: Mandatory encryption *is* theater

From: Salvatore Loreto <salvatore.loreto@ericsson.com>
Date: Sun, 25 Aug 2013 22:27:58 +0200
Message-ID: <521A68CE.4050200@ericsson.com>
To: Roberto Peon <grmocg@gmail.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
On 8/25/13 10:18 PM, Roberto Peon wrote:
> We've seen that the network delays bytes on some ports because (we 
> assume) of inspecting proxies, even when the data is incomprehensible 
> to the proxy.
maybe I am naif but the delay can be just because the proxies (lets just 
talk of HTTP here) expect HTTP traffic and they get confuse when they 
see something else

> If the bytes are merely signed then the bytes are visible and 
> modification is still performed-- the modification becomes 
> time-domain, e.g. dropping/delaying packets, etc.

If we let always possible to discover the presence of a proxy by the 
client... and the client realize that dropping/delaying packets is much 
higher
when there is that proxy in between ... it is just a matter of the time 
and the market will decide

>
> In any case, if you're doing the work of signing, why not just encrypt?
because you can still use all the positive aspects of the proxy/cache

/Salvatore

>
> -=R
>
>
> On Sun, Aug 25, 2013 at 1:07 PM, Salvatore Loreto 
> <salvatore.loreto@ericsson.com <mailto:salvatore.loreto@ericsson.com>> 
> wrote:
>
>     so now I have a question
>     if one of the reasons to use encryption is to let the bytestreams
>     traverse the networks without modifications
>     why don't just sign them instead that encrypt them?
>
>     /Sal
>
>
>     On 8/25/13 9:09 PM, Roberto Peon wrote:
>>     Remember that encryption != security.
>>     Part of the reasons to use encryption have nothing to do with
>>     security, but rather reliability-- encrypted bytestreams traverse
>>     the network without modification far more successfully.
>>
>>     There should be no reason that the client shouldn't be able to
>>     request this more reliable channel when the URL is HTTP.
>>
>>     As far as I understand, this is what we're talking about-- the
>>     client's ability to request an encrypted channel for HTTP urls.
>>
>>     -=R
>>
>>
>>
>>     On Sun, Aug 25, 2013 at 11:46 AM, Eliot Lear <lear@cisco.com
>>     <mailto:lear@cisco.com>> wrote:
>>
>>         Will,
>>
>>
>>         On 8/25/13 5:29 PM, William Chan (ι™ˆζ™Ίζ˜Œ) wrote:
>>>
>>>         Another key distinction is encryption does not require
>>>         authentication, so a proper cert is not mandatory. I'm
>>>         surprised you mention requiring a proper cert given that you
>>>         clearly understand a proper cert isn't necessary, given your
>>>         reply to Yoav below. I think it's worthwhile to discuss the
>>>         asserted benefit, but any statement about the current
>>>         proposal requiring proper certificates sounds factually
>>>         incorrect as far as I can tell. Did I miss something here?
>>>
>>
>>         Possibly you did or possibly I did.  I have two specific
>>         issues with anonymous encryption:
>>
>>         1.  The threat it is addressing may be better dealt with at
>>         other layers; and
>>         2.  It is often sold as more than it is.
>>
>>         As I wrote, I do like the idea of DANE + DNSSEC and then
>>         expanding on that.  Got code for that?  If it's real privacy
>>         (not just encryption) then I'd probably be convinced (there
>>         is a matter of responsibility, but I think  DANE + DNSSEC
>>         could get us there, as can certs from credible CAs).
>>
>>         And just for the record:
>>
>>
>>>         Yes, the proposal is that it is mandatory for the server to
>>>         implement and offer encryption.
>>
>>         That is in fact my objection, particularly the "offer" part. 
>>         You seem to be assuming (forgive me if you are not) that many
>>         implementations small and large AND many deployments small
>>         and large will do a whole lot of work for that offer where
>>         past experience shows that they won't, but rather that it
>>         will in fact hinder implementation and deployment of the rest
>>         of HTTP2.  There is an obvious question about the goals for
>>         HTTP2...
>>
>>         Eliot
>>
>>
>
>
Received on Sunday, 25 August 2013 20:28:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:14 UTC