W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Moving forward on improving HTTP's security

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 14 Nov 2013 13:00:53 +1300
To: ietf-http-wg@w3.org
Message-ID: <fe20cefdf926e8cabdac4d04bbedd918@treenet.co.nz>
On 2013-11-14 10:54, Willy Tarreau wrote:
> On Wed, Nov 13, 2013 at 01:23:41PM -0800, Mike Belshe wrote:
>> To paraphrase, you're saying:
>>    "I don't like TLS because I use the presence of TLS to know that I 
>> could
>> be hacked right now.   But if you turn on TLS always, I won't be able 
>> to
>> tell if I can get hacked."
> Huh ? No. I mean "The TLS model is fine for me as long as it's used 
> where
> needed and if it's not abused because I expect all actors in the chain 
> to
> care about security". Let's ensure we don't break that weak link from 
> the
> root CAs to me by making its use mandatory for all no-value stuff that
> nobody cares about and which will make it normal for everyone to deploy
> broken configs and rogue CAs everywhere for the sake of simplicity.
>> To summarize:
>>   1) You're happy with the security you get with TLS to Paypal now
>>   2) You're unhappy with that same security (TLS) enforced everywhere
>> because it is suddenly less secure.
> Exactly.
>> This is also illogical.  We're not changing TLS.
> Yes you are. You're not changing the protocol but the economics and
> the actors' motives to deliver certs the proper way. When certs are
> needed to connect to my printer, I doubt I'll have to order a new
> cert every year to connect to it once every 3 years at most to change
> its IP address. Instead the manufacturer will want a 10 years cert,
> and since he won't be able to get that, some CAs will start to offer
> this (possibly at a high price). We'll possibly find it much easier
> and cheaper to become a valid CA and to issue certs for anyone. I'm
> sorry but the day I can issue a paypal cert myself and have my browser
> accept it without me having to do anything with its configuration, I'll
> start to get a little bit scared.
> Right now it's simple : TLS is annoying to deploy so you do it where
> it matters. It can be free but at least it requires some care and you
> are willing to accept that for the sites you value. Once you don't
> value anymore the certs you are installing and users start to do wrong
> things such as clicking 100 times a day "Ignore this cert error" 
> because
> everyone uses crappy certs, the TLS model will be useless.

I have come to disagree on the "right now" aspect. Several years ago, 
maybe even last year it was true. TLS was known for its use by banks and 
other organisations using it to protect financial or personal 
transactions of various kinds. Under these economics is was widely 
regarded by both network admin and their managers as a Good Thing(tm) to 
leave untouched, even to tunnel through the firewalls and other local 
security protections.

Since the relatively less important but very popular google and facebook 
services have been encrypted the situation has already almost been 
reversed. The belief in TLS being something to leave inviolate has 
disappeared almost completely and, as far as my experience goes, the 
only reason for *some* installations not performing MITM on HTTPS has 
been whether the organisation obeys the legal restraints.

Take careful note that we were talking about these as upcoming trend 
just last year, and unfortunately the swing trend has been accelerating 
extremely fast. This has already happened *without* the bulk of the 
Internet being TLS-enabled. The situation has become almost routine for 
new middleware installations to be setup with MITM of TLS ports under 
the business case that the routine transactions need to be governed - 
encrypted or not.

What we need for HTTP/2 in the way of security is something *better* 
than what "normal" TLS has to offer today (a little bit anyway). Whether 
that comes from the TLS WG or a feature design in HTTP/2 is what we need 
to be discussing. Lets end this enable-TLS-everywhere-and-well-be-fine 

Also, if you want something efficient over TLS just do SPDY. HTTP/2 
needs to be workable for the wider web than TLS/SSL enthusiasts.

Received on Thursday, 14 November 2013 00:01:20 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 28 January 2023 21:29:08 UTC