- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Wed, 20 Aug 2014 07:29:38 +0000
- To: Mark Nottingham <mnot@mnot.net>
- cc: HTTP Working Group <ietf-http-wg@w3.org>
-------- In message <A9F561E4-E5C6-4E1D-89B1-F1EDA9FA1BAC@mnot.net>, Mark Nottingham wri tes: >> By by whitening the present HTTP plaintext traffic with TLS, even >> with quite weak cipher-suites, we dramatically increase the cost >> of the postanalysis step, instantly making that filter impossible. > >Right. What I'm saying is that if they can distinguish Opp-Sec traffic >from HTTPS traffic, they can take *all* Opp-Sec traffic and MITM it >without being detected (presuming we don't layer on other checks, which >raise the cost of deploying Opp-Sec). > >It's true that they can't just tcpdump any more; they have to terminate >TLS, so this *does* raise the cost of PM somewhat; my concern is that >it's not enough, given the amount of cash being thrown at PM and the >continuously reducing cost of terminating TLS. We're in control of how hard we make it for them and therefore we can always outprice them. The tradeoff is that we hurt our own costs as well, but at a much less steep scale. >I'm curious; do Ilari's numbers ><http://www.w3.org/mid/20140817120844.GA1346@LK-Perkele-VII> change your >mind at all? No. I don't think the algorithm matters, as long as it's not buggy, the bruteforcing will be done against the keys used. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Wednesday, 20 August 2014 07:30:10 UTC