Re: [Int-area] New version of WPADNG

On Wed, Jul 17, 2024, 7:36 PM Josh Cohen <joshco@gmail.com> wrote:
>
> You lost me with the nuclear submarine reference.  I'm guessing instead of a terminal room, the IETF now has a navy?

https://en.m.wikipedia.org/wiki/USS_Jimmy_Carter She wasn't made for
sitting around.

>
> The coffee shop gives you your IP address, default route to the Internet, DNS servers and other DHCP options. It often has a captive portal, which may also have a transparent proxy that filters, can eavesdrop or otherwise abuse you. It is *their* network after all, you are just a guest.  That's aside from chai latte sipping wifi snoopers and the general jungle of public wifi.

So what's WPAD doing here? It's just another way to get that traffic
to the wrong place. Again, the Internet threat model has the network
be untrusted. That might be bad news for the vendors of devices that
don't work that way, but that's what the RFC and design says. And
indeed the coffee shop router shouldn't be trusted.

>
>
> I'm definitely getting the "WPAD suxorz" vibe, but what's missing are answers to how scenarios WPAD currently addresses will be addressed without it.
>
> At work, your computer uses your enterprise's proxy.  When you arrive at the coffeeshop, will you go into your computer's settings and turn off the proxy?  When you go back to work the next day, will you go back into your settings and turn it on again?


I think this scenario is due to some fundamental confusion. What is
the enterprise proxy doing? Why is it safe to turn off that function
at the coffeeshop or entrust it to some random person given the
computer will be back on the network the next day? And if the
enterprise network needs to administer hosts, it can do that through
much better ways.

>
>
>
> On Wed, Jul 17, 2024 at 7:50 PM Watson Ladd <watsonbladd@gmail.com> wrote:
>>
>> One adversary is willing to devote an entire nuclear submarine to the
>> task. They are more than willing to use existing vulnerabilities in
>> ways that you never hear about because they are good at their jobs.
>>
>> If you use network links to configure your device, and the device goes
>> to the coffeeshop, that coffeeshop gets to configure the device.
>> That's just inherently a bad idea, and always has been.
>>
>> Sincerely,
>> Watson Ladd
>>
>> --
>> Astra mortemque praestare gradatim
>
>
>
> --
>
> ---
> Josh Cohen
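An added illustration of the point about network-supplied configuration, not code from this thread, from the WPADNG draft, or from any real client: a simplified model of WPAD discovery (DHCP option 252 first, then DNS devolution of wpad.<parent domain>) run against two constructed resolvers. The hostnames, addresses, search domains and resolver tables are made up, and the devolution rule is simplified (real clients differ in where they stop).

```python
# Constructed example: how WPAD lets whatever network you join pick your proxy.
# Added illustration, not code from the thread or from WPADNG. Hostnames,
# addresses and the resolver tables below are invented for the example.

from typing import Callable, Optional

MIN_LABELS = 2  # stop before querying the bare TLD (never ask for "wpad.com")


def devolution_candidates(hostname: str) -> list[str]:
    """Names a WPAD client tries via DNS, most specific first.

    'laptop.corp.example.com' -> ['wpad.corp.example.com', 'wpad.example.com']
    """
    labels = hostname.lower().strip(".").split(".")
    names = []
    for i in range(1, len(labels)):          # drop the host label, walk upward
        parent = labels[i:]
        if len(parent) < MIN_LABELS:
            break
        names.append("wpad." + ".".join(parent))
    return names


def discover_pac(dhcp_option_252: Optional[str], hostname: str,
                 resolve: Callable[[str], Optional[str]]) -> Optional[str]:
    """WPAD order of precedence: DHCP option 252 URL first, then DNS devolution.

    Every input here (the DHCP lease, the search domain behind `hostname`, and
    the resolver itself) is handed to the device by the network it is sitting on.
    """
    if dhcp_option_252:
        return dhcp_option_252
    for name in devolution_candidates(hostname):
        if resolve(name):
            return f"http://{name}/wpad.dat"
    return None


# Two constructed networks. The enterprise publishes a real wpad record; the
# coffee shop's resolver answers wpad.<anything> with the operator's own box.
ENTERPRISE_DNS = {"wpad.corp.example.com": "10.0.0.5"}


def enterprise_resolve(name: str) -> Optional[str]:
    return ENTERPRISE_DNS.get(name)


def coffeeshop_resolve(name: str) -> Optional[str]:
    return "192.0.2.10" if name.startswith("wpad.") else None


def proxy_for_network(network: str, auto_detect: bool) -> Optional[str]:
    """Where the laptop's PAC file comes from on each network, auto-detect on/off."""
    if not auto_detect:
        return None                      # fixed, locally configured proxy; no WPAD
    if network == "enterprise":
        return discover_pac(None, "laptop.corp.example.com", enterprise_resolve)
    if network == "coffeeshop":
        # The guest DHCP lease supplies the search domain (and could supply 252).
        return discover_pac(None, "laptop.guest.coffeeshop.example",
                            coffeeshop_resolve)
    raise ValueError(network)


if __name__ == "__main__":
    for net in ("enterprise", "coffeeshop"):
        print(net, "->", proxy_for_network(net, auto_detect=True))
```

With auto-detect on, the same laptop fetches its PAC from wpad.corp.example.com at work and from a host the coffee shop's resolver chose when it is a guest; nothing in the lookup distinguishes the two. With auto-detect off, the proxy does not follow the network at all, which is the trade-off the thread is arguing about.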

Received on Thursday, 18 July 2024 03:00:54 UTC