Re: Adding Security Considerations regarding interception to p1

Hi Mike,

On Thu, Sep 19, 2013 at 12:00:28AM -0700, Mike Belshe wrote:
> Mark -
> 
> I was about to write that I didn't like your proposal :-(
> 
> But after reading Willy's argument, maybe I see a route where it can be
> useful.  Specifically, Willy's retort is the common one - discussing "dumb
> administrators" and that TLS is not a panacea.  This argument doesn't
> appeal to me because any of us can craft a reasonable story about the
> clueless guy to support our own point of view.  And the clueless guys don't
> read protocol specs anyway :-)

I don't agree with you here. The people who are able to correctly deploy
TLS don't need to read our warnings about the risks of transporting HTTP
in clear text. However, the newcomers who have no clue about these risks
have even less of a clue about how to correctly deploy TLS. And the situation
is already bad because they constantly hear "simply switch to https if
you transport anything sensitive such as a password". Which is wrong and
regularly leads to information leaks because they don't understand that
it's more complex than that. BTW, we all know educated people around us
who renew their certs without changing their private keys because this
is not needed, right? Except that it completely voids the main goal of
limiting the cert's lifetime. This is one of the mistakes that many
people fall into and that render their implementations insecure.

> But we don't need to talk about the clueless guy, because even smart
> administrators that do read these specs don't always know when to encrypt.

Exactly. If you think you need to add TLS to your HTTP stack, then you
should consult an expert and not believe you can do it correctly by
yourself; otherwise it will probably be useless. That's the message I
would like to pass if we mention TLS.

Regards,
Willy

Received on Thursday, 19 September 2013 07:47:44 UTC
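Willy's aside about renewing a certificate while keeping the old private key is a mistake that is easy to catch mechanically: the SubjectPublicKeyInfo (SPKI) of the renewed certificate should differ from the one it replaces. The following is an added example, not code from this thread or from the HTTP working group. It walks the DER of an X.509 certificate far enough to pull out the SPKI and compares SHA-256 fingerprints of the old and new certificate. The DER walker assumes single-byte tags and the standard TBSCertificate field order (optional explicit version, serial, signature algorithm, issuer, validity, subject, SPKI); the sample certificates are constructed, unsigned stand-ins with that layout, so the script runs offline, and the function names are my own.

```python
import base64
import hashlib
import re


def _read_tlv(buf, off):
    """Parse one DER TLV at buf[off:]; returns (tag, value, offset after it).

    Assumes single-byte tags (true for every field this walker touches)."""
    tag = buf[off]
    length = buf[off + 1]
    off += 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    return tag, buf[off:off + length], off + length


def pem_to_der(pem):
    """Strip the PEM armour and base64-decode the body."""
    body = re.sub(r"-----[A-Z ]+-----", "", pem)
    return base64.b64decode("".join(body.split()))


def spki_der(cert_der):
    """Return the raw DER SubjectPublicKeyInfo (tag, length and value) of a certificate."""
    _, cert, _ = _read_tlv(cert_der, 0)     # Certificate SEQUENCE
    _, tbs, _ = _read_tlv(cert, 0)          # TBSCertificate SEQUENCE
    tag, _, off = _read_tlv(tbs, 0)
    if tag != 0xA0:                         # no explicit [0] version: v1, first field was the serial
        off = 0
    for _ in range(5):                      # serialNumber, signature, issuer, validity, subject
        _, _, off = _read_tlv(tbs, off)
    start = off
    _, _, end = _read_tlv(tbs, off)         # subjectPublicKeyInfo
    return tbs[start:end]


def spki_fingerprint(cert_pem):
    """SHA-256 over the DER SPKI; the same key always yields the same value."""
    return hashlib.sha256(spki_der(pem_to_der(cert_pem))).hexdigest()


def key_was_rotated(old_cert_pem, new_cert_pem):
    """True when the renewed certificate carries a different public key."""
    return spki_fingerprint(old_cert_pem) != spki_fingerprint(new_cert_pem)


# ---- constructed sample data (not real, not signed): two fake certs per key ----

def _tlv(tag, value):
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


_RSA_ENC = _tlv(0x30, _tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01") + _tlv(0x05, b""))
_SHA256_RSA = _tlv(0x30, _tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b") + _tlv(0x05, b""))


def _fake_spki(key_bytes):
    # AlgorithmIdentifier(rsaEncryption) + BIT STRING holding a placeholder key blob
    return _tlv(0x30, _RSA_ENC + _tlv(0x03, b"\x00" + key_bytes))


def _fake_cert(spki, serial):
    # Follows the TBSCertificate field order; the signature value is a dummy.
    empty_name = _tlv(0x30, b"")
    validity = _tlv(0x30, _tlv(0x17, b"130919000000Z") + _tlv(0x17, b"140919000000Z"))
    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, serial)
               + _SHA256_RSA + empty_name + validity + empty_name + spki)
    return _tlv(0x30, tbs + _SHA256_RSA + _tlv(0x03, b"\x00" * 9))


def _to_pem(der):
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN CERTIFICATE-----\n" + "\n".join(lines) + "\n-----END CERTIFICATE-----\n"


KEY_A = _fake_spki(b"\xaa" * 32)
KEY_B = _fake_spki(b"\xbb" * 32)
OLD_CERT = _to_pem(_fake_cert(KEY_A, b"\x01"))
RENEWED_SAME_KEY = _to_pem(_fake_cert(KEY_A, b"\x02"))   # renewed, private key reused
RENEWED_NEW_KEY = _to_pem(_fake_cert(KEY_B, b"\x03"))    # renewed with a fresh key pair

if __name__ == "__main__":
    print("same-key renewal rotated key?", key_was_rotated(OLD_CERT, RENEWED_SAME_KEY))
    print("new-key renewal rotated key? ", key_was_rotated(OLD_CERT, RENEWED_NEW_KEY))
```

Run against real PEM files, `key_was_rotated(open("old.pem").read(), open("new.pem").read())` is the check to wire into a renewal pipeline: a renewal that returns False has reissued the same key and has not shortened the window in which a leaked private key stays useful.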