Re: SSL/TLS everywhere fail

------ Original Message ------
From: "Mike Belshe" <mike@belshe.com>

>
>Go go go http2 and mandatory SSL everywhere.  Next step - eliminate 
>MITM.  We haven't done that well yet, but its coming.
>
>
I think before you eliminate MiTM you better eliminate malware, and 
insecure sites that get hacked and become driveby attack sites.

And you better be prepared for everyone on the internet to forego 
caching.

I presume google will pay for infrastucture upgrade over the entire 
world so that people can get fast enough internet to not need caching?

Time to start working on a successor to TLS I guess for the sites we 
really want to be secure.



>
>
>On Thu, Dec 3, 2015 at 5:15 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> 
>wrote:
>>--------
>>In message <56602858.2000005@treenet.co.nz>, Amos Jeffries writes:
>> >On 3/12/2015 12:42 p.m., Willy Tarreau wrote:
>>
>> >>> That happened faster than even I thought:
>> >>>
>> >>>     http://telecom.kz/en/news/view/18729
>> >>
>> >Can anyone elighten me; was that a phish? or an actual government 
>>action?
>>
>>It seems legit.  People on hacker-news seems to have found the
>>underlying government directives:
>>
>>         https://news.ycombinator.com/item?id=10665344
>>
>>
>>--
>>Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
>>phk@FreeBSD.ORG         | TCP/IP since RFC 956
>>FreeBSD committer       | BSD since 4.3-tahoe
>>Never attribute to malice what can adequately be explained by 
>>incompetence.
>>
>

Received on Thursday, 3 December 2015 20:37:44 UTC