- From: Willy Tarreau <w@1wt.eu>
- Date: Wed, 13 Nov 2013 22:05:49 +0100
- To: Mike Belshe <mike@belshe.com>
- Cc: "William Chan (?????????)" <willchan@chromium.org>, Tao Effect <contact@taoeffect.com>, Tim Bray <tbray@textuality.com>, James M Snell <jasnell@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Hi Mike,

On Wed, Nov 13, 2013 at 12:25:55PM -0800, Mike Belshe wrote:
> The argument that we shouldn't do it because it only
> works "until tools get updated to MITM" doesn't work for me, because that's
> just the way security is. You never finish "security", you just keep
> raising the bar.
>
> Given the widespread snooping that has been so widely publicized in recent
> months, I think it is imperative that we raise the bar here now.

At least now I know where the bar is: if my browser tells me I'm encrypted, I'm supposed to be secure by current standards. Otherwise I'm not supposed to. With the always-on method you're advocating for, I'll have no way to tell whether I am or not. Still the MITM will continue to happen because there are many legitimate needs for this (whether it's caching, malware protection or protecting your kids against rapists who chase online). And users will not have this indicator anymore telling them whether they're MITM-able or not.

At the moment the situation is quite clear:

- you're in HTTP, you're MITM-ed. Period. You're likely to pass through an intercepting caching proxy at your ISP etc... so let's say you're almost 100% sure to be MITM-ed.
- you're in HTTPS at home, excluding the malware running in the browser and the rogue certificates, you're supposed to be secured.
- you're in HTTPS at your company with the browser deployed by your employer, you have to check with your employer (or in your browser) if the browser is configured to accept an intercepting proxy's certs or not.

But with all-TLS it's not possible to tell the difference anymore, because ISPs will require that end users use connection kits as it was done 20 years ago which contain their certificates that you need to install in your browser, and these certs will be stored in an even worse way than the current 600 CAs.

So you'll be apparently HTTPS all the time from home, but with no easy way to tell whether you're MITM-ed by your ISP or not, nor by anyone else who has already stolen your ISP's certs.

And that's definitely not the Internet I want. I want to continue to connect to PayPal securely and to read some blogs/forums without having to click to pass through outdated certificates or those which were emitted for the main domain and not the sub-domain ones, just to give a few examples of what is commonly encountered. I want to be able to trust my connection when I need to. Not to be taught I must trust it otherwise I have no access.

Willy
Received on Wednesday, 13 November 2013 21:06:20 UTC