Re: 2 questions

(sending again as a subscriber, as I think this message went unnoticed)

Thanks for the replies.

1. As far as I understand it (which is not very far), opportunistic 
encryption is neither "by default" (since it requires extra server-side 
configuration) nor secure (no MITM protection, etc.).

I'm okay with HTTP/2 without TLS, however (my opinion):

a) User agents MUST show a security warning before you submit data over 
HTTP (you could have a "remember this choice" option per-user and 
per-domain). As far as I know, this is not currently implemented in any 
browsers (I think if you submit to an HTTP domain from an HTTPS one, you 
may receive a warning). The main point is, it's more important that 
users know that they're on an INSECURE domain, than it is that they are 
on a SECURE one (by then it's too late).

b) All vendors should support it. If I decide that my site does not 
require encryption (e.g. it's a read-only website or a website that runs 
within a LAN [like a router page]), then I should not be forced to use 
it in order to run over HTTP/2. I think that Mozilla and Google probably 
have good intentions, but I don't think that they have made the right 
decision at all. We don't want to go back to the stage where every 
browser was doing its own thing, and causing massive headaches for 
developers and even end-users. There are ways (see above) to make the 
web more secure (by default) without forcing anything on anyone. It's 
kind of like smoking – it's bad for you, and we should warn against it, 
but at the end of the day every person reserves the right to do as they 
please (screw up their lungs, or submit their (possibly) private 
information over an insecure connection).

2. Not being able to safely compress content seems like a big problem. 
Are there any (content) compression algorithms that are not susceptible 
to these vulnerabilities, or has there been any discussion regarding the 
development of a new algorithm to combat these issues? From what I know, 
compressing content can have a significant (positive) effect on 
performance, so it would be really unfortunate if this was no longer 
possible without exposing your website to various security exploits.

Glen.

On 2015/03/28 16:43, Glen wrote:
> Hi,
>
> I have 2 questions, if I may.
>
> 1. What were the reasons for HTTP/2 not requiring TLS?
>
> Is there a significant performance consideration, is it related to the
> cost of certificates (which is now fairly low or even free), or are
> there other technical reasons?
>
> It would be nice if the web was just "secure by default", and I would
> have thought that now would be the right time to move in that direction.
>
> Also, at least 2 of the major browser vendors have said that they
> won't be supporting HTTP/2 without TLS, so surely no one is going to
> want to run their website without it?
>
> 2. Are the BREACH and CRIME exploits still applicable, especially with
> regard to content (body) compression? If so, does that mean that it's
> not possible to compress content (with gzip, for example) and still
> maintain security?
>
> Please respond as if I were a layman, as my knowledge on these
> subjects is somewhat limited.
>
> Thanks.

Received on Friday, 10 April 2015 09:54:07 UTC
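Added example for the compression question in point 2 (not part of the thread): a constructed page embeds a constructed secret token and echoes a query value; with a static token, a guess that extends the token's prefix LZ77-matches the hidden input and the deflated body shrinks, which is the length signal BREACH-style attacks depend on. Per-response token masking (wire form mask || mask XOR token, as used by some web frameworks) is shown as one mitigation; the page markup, token and helper names are assumptions for illustration.

```python
import secrets
import zlib

# Constructed sample secret (not a real token) embedded in every response.
SECRET_TOKEN = "7f3a9c1e2b5d"


def render_page(reflected: str, token_on_wire: str) -> bytes:
    """Constructed page: a hidden anti-CSRF token plus an echoed query value,
    the combination BREACH-style attacks need inside one compressed body."""
    return (
        "<html><body>"
        f'<input type="hidden" name="csrf" value="{token_on_wire}">'
        f"<p>You searched for: {reflected}</p>"
        "</body></html>"
    ).encode()


def compressed_size(body: bytes) -> int:
    """Size after deflate, as an HTTP server's gzip/deflate would produce."""
    return len(zlib.compress(body, 6))


def size_per_guess(guesses, token_on_wire: str) -> dict:
    """Compressed body size when the echoed value is 'value="' + guess.
    With a static token, the guess sharing a prefix with the token matches
    the hidden input and the body is measurably shorter."""
    return {g: compressed_size(render_page('value="' + g, token_on_wire))
            for g in guesses}


def mask_token(token: str, mask: bytes = None) -> str:
    """Per-response masking: wire form is hex(mask || mask XOR token).
    The bytes on the wire change every response, so no fixed string is
    left for an echoed guess to match; the server unmasks on submit."""
    raw = token.encode()
    mask = secrets.token_bytes(len(raw)) if mask is None else mask
    return (mask + bytes(m ^ b for m, b in zip(mask, raw))).hex()


def unmask_token(wire: str) -> str:
    """Recover the token from its masked wire form."""
    blob = bytes.fromhex(wire)
    half = len(blob) // 2
    return bytes(m ^ x for m, x in zip(blob[:half], blob[half:])).decode()


if __name__ == "__main__":
    guesses = ["7f3a", "qxwz"]  # correct prefix vs. letters absent from page
    print("static token:", size_per_guess(guesses, SECRET_TOKEN))
    print("masked token:", size_per_guess(guesses, mask_token(SECRET_TOKEN)))
```

Masking does not shrink the body; it removes the stable secret string that the length comparison needs, so compression stays usable for the rest of the page.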