Re: HTTP/2 and Pervasive Monitoring

"Poul-Henning Kamp" <phk@phk.freebsd.dk> Wed, 20 August 2014 07:34 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A94A1A001D for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 20 Aug 2014 00:34:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.46
X-Spam-Level:
X-Spam-Status: No, score=-2.46 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FRT_DOLLAR=2.41, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aQz7b6PpZoWE for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 20 Aug 2014 00:34:02 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C68BE1A000A for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 20 Aug 2014 00:34:02 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XK0Lw-0003qp-D6 for ietf-http-wg-dist@listhub.w3.org; Wed, 20 Aug 2014 07:30:40 +0000
Resent-Date: Wed, 20 Aug 2014 07:30:40 +0000
Resent-Message-Id: <E1XK0Lw-0003qp-D6@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1XK0LS-0001ed-1U for ietf-http-wg@listhub.w3.org; Wed, 20 Aug 2014 07:30:10 +0000
Received: from phk.freebsd.dk ([130.225.244.222]) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1XK0LK-0003Iv-1a for ietf-http-wg@w3.org; Wed, 20 Aug 2014 07:30:09 +0000
Received: from critter.freebsd.dk (unknown [192.168.60.3]) by phk.freebsd.dk (Postfix) with ESMTP id 7A9E916D0; Wed, 20 Aug 2014 07:29:39 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.14.9/8.14.9) with ESMTP id s7K7TcYO010690; Wed, 20 Aug 2014 07:29:38 GMT (envelope-from phk@phk.freebsd.dk)
To: Mark Nottingham <mnot@mnot.net>
cc: HTTP Working Group <ietf-http-wg@w3.org>
In-reply-to: <A9F561E4-E5C6-4E1D-89B1-F1EDA9FA1BAC@mnot.net>
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
References: <38BD57DB-98A9-4282-82DD-BB89F11F7C84@mnot.net> <4851.1408094168@critter.freebsd.dk> <EB5B7C64-165B-48F1-94FF-1354E917A10F@mnot.net> <5871.1408106089@critter.freebsd.dk> <A9F561E4-E5C6-4E1D-89B1-F1EDA9FA1BAC@mnot.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <10688.1408519778.1@critter.freebsd.dk>
Content-Transfer-Encoding: quoted-printable
Date: Wed, 20 Aug 2014 07:29:38 +0000
Message-ID: <10689.1408519778@critter.freebsd.dk>
Received-SPF: none client-ip=130.225.244.222; envelope-from=phk@phk.freebsd.dk; helo=phk.freebsd.dk
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: AWL=-3.082, RP_MATCHES_RCVD=-0.668
X-W3C-Scan-Sig: maggie.w3.org 1XK0LK-0003Iv-1a cc5d153aff1eff9471a935c6deacb996
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 and Pervasive Monitoring
Archived-At: <http://www.w3.org/mid/10689.1408519778@critter.freebsd.dk>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/26676
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

--------
In message <A9F561E4-E5C6-4E1D-89B1-F1EDA9FA1BAC@mnot.net>, Mark Nottingham wri
tes:

>> By by whitening the present HTTP plaintext traffic with TLS, even
>> with quite weak cipher-suites, we dramatically increase the cost
>> of the postanalysis step, instantly making that filter impossible.
>
>Right. What I'm saying is that if they can distinguish Opp-Sec traffic 
>from HTTPS traffic, they can take *all* Opp-Sec traffic and MITM it 
>without being detected (presuming we don't layer on other checks, which 
>raise the cost of deploying Opp-Sec). 
>
>It's true that they can't just tcpdump any more; they have to terminate 
>TLS, so this *does* raise the cost of PM somewhat; my concern is that 
>it's not enough, given the amount of cash being thrown at PM and the 
>continuously reducing cost of terminating TLS.

We're in control of how hard we make it for them and therefore we
can always outprice them.  The tradeoff is that we hurt our own
costs as well, but at a much less steep scale.

>I'm curious; do Ilari's numbers 
><http://www.w3.org/mid/20140817120844.GA1346@LK-Perkele-VII> change your 
>mind at all?

No.

I don't think the algorithm matters, as long as it's not buggy, the
bruteforcing will be done against the keys used.


-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.