- From: Benjamin Carlyle <benjamincarlyle@soundadvice.id.au>
- Date: Fri, 10 Apr 2015 00:25:04 +1000
- To: Glen <glen.84@gmail.com>
- Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On 29 March 2015 at 00:43, Glen <glen.84@gmail.com> wrote: > 1. What were the reasons for HTTP/2 not requiring TLS? I know this issue has been canvassed many times on the list, but I thought since I am writing emails tonight I would share a perspective that I think is novel on this list. To restate from my last email, I mostly use HTTP/1.1, SPDY, and soon will h2 in the context of highly available safety-related (not safety-critical) SCADA systems. Firstly, I mostly like the use of TLS on the web. I think it is well warranted. However in my environments I'm typically dealing with "secure" networks where other protections exist at the IP layer or below that ensure many of the properties that TLS provides. These generally are isolated networks with air gaps to the Internet or at least some multiple layers of networks and restrictive firewalls before the Internet can be reached. Changes to these networks go through processes to ensure isolation is maintained to the desired degree, and privacy is not a concern. Rather, if there is a concern it is potential attacks on the system and related infrastructure. In fact eliminating privacy and having every action be fully accountable is a requirement. My primary concerns in this environment are about high availability, maintainability, and durability of the system. In my line of work I often come across systems that have been in place for twenty years, some still with serial communications, some devices still on the network but if they failed would require some digging through paperwork to even find their physical location. Some using network technologies that are obsolete and are still running only due to careful spares management. Replacing these systems is expensive and the accountants like to amortise the expense over a long period of time. Traditionally HTTP has been a good next protocol to replace some of the older system protocols. It is generally possible to connect quite old and quite new HTTP implementations together and have them interoperate, and the focus on text-based communications has meant that reverse-engineering is likely possible when an incompatibility does come up and some form of information plumbing is possible to join both ends together. h2 has largely maintained these properties albeit with a compatibility break from HTTP/1.1 and with somewhat reduced debuggability / increased plumbing complexity due to header compression and the like. TLS brings roughly the same hazards for both HTTP/1.1 and h2, such as: - opaque data streams that are difficult to put a logic probe (wireshark) into for reverse engineering purposes - certificates that need to be acquired, or self-signed certificates that need to be distributed. This can mean that certificate trust needs to be installed on a replacement unit before it is sent out into the field in case of a hardware failure - the possibility that a certificate will unexpectedly expire. If you have hundreds of devices around a network in awkward places across a metropolitan-sized system then the tracking of regular maintenance activities such as these can be non-trivial - The cipher suites eventually become outdated, and you can end up with a patchwork of equipment of various ages that have old-to-the-point-of-useless encryption that newer devices won't want to talk to, and potentially a bunch of equipment in between these extremes. More to track, more to get right. More difficulty supporting old equipment. - TLS tends to couple the software implementation to end device. In this business you tend not to want to update a device, but instead to offload things that need regular maintenance onto a separate component that you can physically replace. For example you might have a handful of field units at a given location connected to an industrial router. It is the router we would want to be taking on the encryption function rather than the individual devices because touching one of the devices requires much more expensive installation and revalidation work. None of the problems are insurmountable and maybe just making sure that TLS offload for h2 is well supported and well understood will be enough to resolve them. But basically as it is the positives of TLS seem generally more like net negatives in this environment. These may also be somewhat temporary objections. The systems are always moving closer to being core business systems rather than solely control systems so both customer and suppliers are moving closer to conventional IT practices. It may be that in another twenty years the systems and practices I'm seeing will all be gone, but given the distributed nature of the systems I think there will always be some differences to the Web.
Received on Thursday, 9 April 2015 14:25:36 UTC