- From: Grahame Grieve <grahame@healthintersections.com.au>
- Date: Thu, 14 Nov 2013 11:25:20 +1100
- To: William Chan (陈智昌) <willchan@chromium.org>
- Cc: Adrien de Croy <adrien@qbik.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Willy Tarreau <w@1wt.eu>, Mike Belshe <mike@belshe.com>, Tao Effect <contact@taoeffect.com>, Tim Bray <tbray@textuality.com>, James M Snell <jasnell@gmail.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
If corporate security needs is what is driving MITM attacks, then perhaps HTTP should enable something along the lines of a delegated security model, though I don't know whether that can be done securely or not (where secure includes the browser user knowing that is what is going on).

On the wider question of whether http/2 should mandate TLS, it seems to me that this is driven by your feelings about http/2 scope. If you think that http/2 = "the web", then of course http/2 should force TLS. But if you think that http/2 = a general communications protocol that is also used by the web, then you won't think that http/2 should enforce TLS.

It seems to me that the use case for "needs efficiency features of http/2" + "can't deal with the certificate requirements of TLS" is a very slim set. Why not enforce TLS in http/2, and commit to maintaining HTTP/1 going forward in the unlikely event that something in the underlying framework was to invalidate HTTP/1?

Grahame

On Thu, Nov 14, 2013 at 11:09 AM, William Chan (陈智昌) <willchan@chromium.org> wrote:
> On Wed, Nov 13, 2013 at 2:36 PM, Adrien de Croy <adrien@qbik.com> wrote:
>>
>> I thought we already did the mandatory TLS argument to death many times.
>
> We did :) And I don't think we're going to convince one another here. I feel
> like I understand your position and disagree with it. And I think the vice
> versa is true. I stated my preference earlier, but I don't expect to
> convince you. As much as it'd be nice to have the spec mandate this, so I
> could use it as a weak hammer to beat people on the head with when they
> don't want to use TLS, I don't really think we'll achieve rough consensus.
> But I'll impose my will insofar as I can affect Chromium policy and push
> more HTTPS adoption as much as I can.
>
>> We added MITM in WinGate mostly because Google and FB went to https.
>> Google and FB you may take a bow.
>
> FWIW, I'm happy those companies went HTTPS, and I'm sad that y'all are
> offering MITM features in your products. I suppose that if I ask you not to
> MITM traffic, you wouldn't listen, would you? :P If you feel that MITM is
> bad for the web, why are you implementing this? Is it simply because if you
> don't, then someone else will and people will switch from your product?
>
>> Does this improve security of the web overall? IMO no. People can now
>> snaffle banking passwords with a filter plugin.
>
> Just to be clear, the MITM works because the enterprises are adding new SSL
> root certificates to the system cert store, right? I agree that that is
> terrible. I wouldn't use that computer :) I hope we increase awareness of
> this issue.
>
>> You really want to scale this out? How will that make it any better?
>
> I believe that making communications secure by default will overall improve
> the security of the web as long as most devices don't have these additional
> SSL root certificates used by the MITM proxies. You are taking a cynical
> view on the outcome when communications become secure by default. I
> disagree. I think that it's worthwhile to force entities that want to
> examine communications to have to MITM SSL. I think that the negative PR of
> a government or ISP or whatever trying to force installations of additional
> root certificates on end users' machines would be a strong disincentive to
> employ these policies. I agree it might lead more enterprises to MITM their
> employees who use corporate devices. It is a sad world indeed if it's the
> status quo for everyone to use devices with extra root certs so
> intermediaries can MITM SSL connections.
>
>> You're suggesting anyone wanting to run an http2 server now has to
>> purchase, and pay for the ongoing maintenance of a cert, and take the cost
>> on additional CPU to handle the load?
>
> Yes, I want to use HTTP/2 as a carrot to incentivize server operators to use
> HTTPS. There are tradeoffs that prevent folks from adopting HTTPS. I'm
> hoping HTTP/2 helps adjust the tradeoffs in HTTPS' favor somewhat, due to
> its reduced user perceived latency and improved connection reuse leading to
> improved scalability compared to HTTP/1.X over TLS.
>
>> Organisations have to live with the pain in the neck of deploying signing
>> certs to clients, dealing with visitor devices etc etc. This = reduction in
>> user experience.
>
> You mean the additional root certs installed on client machines? Good, I'm
> glad it's a PITA for y'all, so maybe you'll stop doing it or do it less
> often, and maybe corporations will stop asking you to do this for them. This
> is terrible and I'm personally not interested in making it easier for
> organizations to snoop on their members/employees/students/etc. I'm in favor
> of reduced user experience where the user is someone who wants to MITM SSL
> traffic.
>
>> So, IMO making TLS mandatory = reduced security, worse user experience,
>> and increased costs.
>>
>> That's progress I guess.
>
> I respectfully disagree with your outcome prediction.
>
>> ------ Original Message ------
>> From: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
>> To: "Willy Tarreau" <w@1wt.eu>; "Mike Belshe" <mike@belshe.com>
>> Cc: "William Chan (陈智昌)" <willchan@chromium.org>; "Tao Effect"
>> <contact@taoeffect.com>; "Tim Bray" <tbray@textuality.com>; "James M Snell"
>> <jasnell@gmail.com>; "Mark Nottingham" <mnot@mnot.net>; "HTTP Working Group"
>> <ietf-http-wg@w3.org>
>> Sent: 14/11/2013 10:57:46 a.m.
>> Subject: Re: Moving forward on improving HTTP's security
>>>
>>> I have to agree that the logic here is hard to find.
>>>
>>> On 11/13/2013 09:54 PM, Willy Tarreau wrote:
>>>>
>>>> On Wed, Nov 13, 2013 at 01:23:41PM -0800, Mike Belshe wrote:
>>>>>
>>>>> To paraphrase, you're saying:
>>>>> "I don't like TLS because I use the presence of TLS to know that I could
>>>>> be hacked right now. But if you turn on TLS always, I won't be able to
>>>>> tell if I can get hacked."
>>>>
>>>> Huh ? No. I mean "The TLS model is fine for me as long as it's used where
>>>> needed and if it's not abused because I expect all actors in the chain to
>>>> care about security". Let's ensure we don't break that weak link from the
>>>> root CAs to me by making its use mandatory for all no-value stuff that
>>>> nobody cares about and which will make it normal for everyone to deploy
>>>> broken configs and rogue CAs everywhere for the sake of simplicity.
>>>
>>> Break the link by making it mandatory sounds like wild supposition.
>>>
>>> S
>>>
>>>>> To summarize:
>>>>> 1) You're happy with the security you get with TLS to Paypal now
>>>>> 2) You're unhappy with that same security (TLS) enforced everywhere
>>>>> because it is suddenly less secure.
>>>>
>>>> Exactly.
>>>>
>>>>> This is also illogical. We're not changing TLS.
>>>>
>>>> Yes you are. You're not changing the protocol but the economics and
>>>> the actors' motives to deliver certs the proper way. When certs are
>>>> needed to connect to my printer, I doubt I'll have to order a new
>>>> cert every year to connect to it once every 3 years at most to change
>>>> its IP address. Instead the manufacturer will want a 10 years cert,
>>>> and since he won't be able to get that, some CAs will start to offer
>>>> this (possibly at a high price). We'll possibly find it much easier
>>>> and cheaper to become a valid CA and to issue certs for anyone. I'm
>>>> sorry but the day I can issue a paypal cert myself and have my browser
>>>> accept it without me having to do anything with its configuration, I'll
>>>> start to get a little bit scared.
>>>>
>>>> Right now it's simple : TLS is annoying to deploy so you do it where
>>>> it matters. It can be free but at least it requires some care and you
>>>> are willing to accept that for the sites you value. Once you don't
>>>> value anymore the certs you are installing and users start to do wrong
>>>> things such as clicking 100 times a day "Ignore this cert error" because
>>>> everyone uses crappy certs, the TLS model will be useless.
>>>>
>>>> Willy
>>>
>>
>

--
-----
http://www.healthintersections.com.au / grahame@healthintersections.com.au / +61 411 867 065
Received on Thursday, 14 November 2013 00:25:48 UTC