More of a nightmare than a challenge, but such is UI, and I thank my lucky stars to not have to deal with it right now! Being able to run a handshake in parallel with whatever else can only happen when one doesn't need or want the integrity handshake, which is necessary for detecting a malicious filtering MITM (and yes one can never *prevent* such, but detection is quite important). -=R On Tue, Nov 19, 2013 at 5:23 PM, Poul-Henning Kamp <phk@phk.freebsd.dk>wrote: > In message < > CAP+FsNcNtdo9amaboDDDWbMGz47DgCed6q-BS_zLB275Y_MN4w@mail.gmail.com> > , Roberto Peon writes: > > >Exposing the framing/length of things that would be in an > >encrypted-by-TLS bytestream today, however, does worry me-- > >it makes BEAST/CRIME-like attacks significantly more difficult > >to protect against. > > Absolutely. > > And there is no doubt either that there is an UI challenge in > communicating the security situation, if the various elements you > see are protected to different levels and degrees. > > But there are also many benefits, for instance being able to > run the crypto-handshake in parallel with delivery of the first > unprotected page elements, rather than stall everything until TLS > has gotten its bits sorted out. > > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. >
Received on Wednesday, 20 November 2013 01:33:47 UTC