Re: 2 questions

On 30.03.2015 14:29, Adrien de Croy wrote:
>
> well from where I stand there is a certain amount of duress being 
> applied to move people to TLS.
>
> * browser vendors saying they won't support plaintext (I wonder how 
> long that will last)
me too as this doesn't seem to be much effort
> * not really much effort going into working through issues with 
> plaintext version since it's always supposedly assumed that it won't 
> really be used and people will stick with 1.1 or go to https, and 
> issues will be solved.  Somehow.  Maybe.  Hopefully.
It is easier to upgrade to an http2 capable server than to switch to 
https. So I would prefer to see plaintext http2 as well.
>
> not many other options have been seriously considered for solving the 
> presumed problem of bad things happening on port 80.  Like moving to 
> another port.  100 is still available.
 From a network perspective this seems to logical thing to do. A 
different port probably means a different URL scheme (http2 lovely), but 
this then shows ossification at the content provider side (not the usual 
middle box claim), so I guess this will not fly.
>
> It is reasonable to want to avoid bad things but there are other ways 
> than TLS, but thanks to the push to https everywhere now everyone has 
> a MITM that will probably make port 443 just as broken as port 80.  
> Maybe not quite, since I guess ISPs are less likely to do that.  But 
> still a lot worse now than 2 years ago.
TLS is not end to end. It is well adjusted to the content provider side 
which could choose where to terminate TLS and can throw in any number of 
third parties which even gets delivered the original URL through the 
referer header. Servers can impersonate any number of identities and get 
hints how to cheat (SNI). The user on the other side has no choice, she 
doesn't get notified about the third parties and can't deploy any 
infrastructure to protect her.
>
> Not to mention the concerns around moving en masse to TLS and what 
> that will do for the security of TLS itself.  I'm not sure it's ready 
> for the load.  CA compromises will affect a lot more sites. They do 
> happen and will continue to do so, especially as the bounty goes up by 
> a few orders of magnitude.  A lot of eggs going into not many (CA) 
> baskets.
>
Giving the Internet to a small number of CAs seems also to be risky. If 
they don't like your opinion they can just revoke your certificate. 
Currently you can just get a different certificate from somebody else 
but for example with key pinning this may become more difficult.

Encryption costs energy. I heard different numbers and the numbers seem 
to go down over the years but fighting against global warming seems not 
to be an IETF goal.

In my opinion the discussion about using http2 and TLS should be 
separate and luckily http2 has both cleartext and TLS.

Regards,
Roland

Received on Monday, 30 March 2015 13:58:01 UTC