- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Thu, 14 Nov 2013 13:00:53 +1300
- To: ietf-http-wg@w3.org
On 2013-11-14 10:54, Willy Tarreau wrote:
> On Wed, Nov 13, 2013 at 01:23:41PM -0800, Mike Belshe wrote:
>> To paraphrase, you're saying:
>> "I don't like TLS because I use the presence of TLS to know that I could
>> be hacked right now. But if you turn on TLS always, I won't be able to
>> tell if I can get hacked."
>
> Huh ? No. I mean "The TLS model is fine for me as long as it's used where
> needed and if it's not abused because I expect all actors in the chain to
> care about security". Let's ensure we don't break that weak link from the
> root CAs to me by making its use mandatory for all no-value stuff that
> nobody cares about and which will make it normal for everyone to deploy
> broken configs and rogue CAs everywhere for the sake of simplicity.
>
>> To summarize:
>> 1) You're happy with the security you get with TLS to Paypal now
>> 2) You're unhappy with that same security (TLS) enforced everywhere
>> because it is suddenly less secure.
>
> Exactly.
>
>> This is also illogical. We're not changing TLS.
>
> Yes you are. You're not changing the protocol but the economics and
> the actors' motives to deliver certs the proper way. When certs are
> needed to connect to my printer, I doubt I'll have to order a new
> cert every year to connect to it once every 3 years at most to change
> its IP address. Instead the manufacturer will want a 10 years cert,
> and since he won't be able to get that, some CAs will start to offer
> this (possibly at a high price). We'll possibly find it much easier
> and cheaper to become a valid CA and to issue certs for anyone. I'm
> sorry but the day I can issue a paypal cert myself and have my browser
> accept it without me having to do anything with its configuration, I'll
> start to get a little bit scared.
>
> Right now it's simple : TLS is annoying to deploy so you do it where
> it matters. It can be free but at least it requires some care and you
> are willing to accept that for the sites you value. Once you don't
> value anymore the certs you are installing and users start to do wrong
> things such as clicking 100 times a day "Ignore this cert error" because
> everyone uses crappy certs, the TLS model will be useless.

I have come to disagree on the "right now" aspect. Several years ago, maybe even last year, it was true. TLS was known for its use by banks and other organisations using it to protect financial or personal transactions of various kinds. Under these economics it was widely regarded by both network admins and their managers as a Good Thing(tm) to leave untouched, even to tunnel through the firewalls and other local security protections.

Since the relatively less important but very popular google and facebook services have been encrypted, the situation has already almost been reversed. The belief in TLS being something to leave inviolate has disappeared almost completely and, as far as my experience goes, the only reason for *some* installations not performing MITM on HTTPS has been whether the organisation obeys the legal restraints.

Take careful note that we were talking about this as an upcoming trend just last year, and unfortunately the swing has been accelerating extremely fast. This has already happened *without* the bulk of the Internet being TLS-enabled. It has become almost routine for new middleware installations to be set up with MITM of TLS ports under the business case that the routine transactions need to be governed - encrypted or not.

What we need for HTTP/2 in the way of security is something *better* than what "normal" TLS has to offer today (a little bit anyway). Whether that comes from the TLS WG or a feature design in HTTP/2 is what we need to be discussing. Let's end this enable-TLS-everywhere-and-we'll-be-fine B***sh*t.

Also, if you want something efficient over TLS just do SPDY. HTTP/2 needs to be workable for the wider web than TLS/SSL enthusiasts.

AYJ
Received on Thursday, 14 November 2013 00:01:20 UTC