Re: HTTP/2 and Pervasive Monitoring
"Poul-Henning Kamp" <phk@phk.freebsd.dk> Fri, 15 August 2014 18:57 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDF671A0295 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 15 Aug 2014 11:57:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.57
X-Spam-Level:
X-Spam-Status: No, score=-7.57 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UGkDa0Y7cq3M for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 15 Aug 2014 11:57:19 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 683241A028B for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 15 Aug 2014 11:57:19 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XIMeD-0004zr-2p for ietf-http-wg-dist@listhub.w3.org; Fri, 15 Aug 2014 18:54:45 +0000
Resent-Date: Fri, 15 Aug 2014 18:54:45 +0000
Resent-Message-Id: <E1XIMeD-0004zr-2p@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1XIMdv-0004yz-Cv for ietf-http-wg@listhub.w3.org; Fri, 15 Aug 2014 18:54:27 +0000
Received: from phk.freebsd.dk ([130.225.244.222]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1XIMdt-0002kx-Oa for ietf-http-wg@w3.org; Fri, 15 Aug 2014 18:54:27 +0000
Received: from critter.freebsd.dk (unknown [192.168.60.3]) by phk.freebsd.dk (Postfix) with ESMTP id D42B116D0; Fri, 15 Aug 2014 18:54:02 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.14.9/8.14.9) with ESMTP id s7FIs1kb007375; Fri, 15 Aug 2014 18:54:01 GMT (envelope-from phk@phk.freebsd.dk)
To: Martin Thomson <martin.thomson@gmail.com>
cc: Erik Nygren <erik@nygren.org>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
In-reply-to: <CABkgnnXc9Di3-eLSrbhFDTwGkPmmnig67x-3-t0fCTM3c2YTFQ@mail.gmail.com>
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
References: <38BD57DB-98A9-4282-82DD-BB89F11F7C84@mnot.net> <4851.1408094168@critter.freebsd.dk> <CAKC-DJjFk9==Y4ayn=A-fZBaEt-G_+n=XQ9B8rKqWaT-LQh3vQ@mail.gmail.com> <6574.1408114238@critter.freebsd.dk> <CABkgnnXc9Di3-eLSrbhFDTwGkPmmnig67x-3-t0fCTM3c2YTFQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <7373.1408128840.1@critter.freebsd.dk>
Content-Transfer-Encoding: quoted-printable
Date: Fri, 15 Aug 2014 18:54:01 +0000
Message-ID: <7374.1408128841@critter.freebsd.dk>
Received-SPF: none client-ip=130.225.244.222; envelope-from=phk@phk.freebsd.dk; helo=phk.freebsd.dk
X-W3C-Hub-Spam-Status: No, score=-3.7
X-W3C-Hub-Spam-Report: AWL=-3.068, RP_MATCHES_RCVD=-0.668
X-W3C-Scan-Sig: lisa.w3.org 1XIMdt-0002kx-Oa a5f5c262fa1dff011eb41c169a447448
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 and Pervasive Monitoring
Archived-At: <http://www.w3.org/mid/7374.1408128841@critter.freebsd.dk>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/26622
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
-------- In message <CABkgnnXc9Di3-eLSrbhFDTwGkPmmnig67x-3-t0fCTM3c2YTFQ@mail.gmail.com> , Martin Thomson writes: >On 15 August 2014 07:50, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: >> I was talking only conceptually here, the actual protocol mechanics >> will be at least as tricky as HTTP/1 -> HTTP/2 upgrade. > >I've talked with several people about HTTP/1.1 and the mechanisms >we've defined. They are portable - in theory. ...and in theory that means that they will work in practice :-) >Incidentally, the difference between good crypto and bad crypto here >is that good crypto is fast and secure and bad crypto is just bad. What is good and what is bad crypto, depends a LOT on what your ephemeral lifetime requirement is,. And incidentally, cryptographers have a very strong tendency to forget that all crypto is ephemeral in the first place, because the usually unstated requirement is that the ephemeral lifetime be longer than the probable duration of the universe. For the isolated problem of defeating PM, the ephemeral lifetime requirement is a few seconds, reducing the customary 128+ bits to something on the order of 32. Good crypto which only lasts a couple of seconds would be terribly bad crypto in almost any other context. But conversely, a lot of crypto deemed bad or even "horrible" in normal contexts will be perfectly good crypto for the purpose of defeating PM. I'm not taking a position on what specific algorithms would or wouldn't be suitable here, but I will point out that it is much more important that it does 10Gbit/s on commodity hardware, so loadbalancers and such can keep up, than it be able to survive systematic attack for more than few seconds. If it wasn't because of the almost-always-known-plaintest property of HTTP headers, a simple XOR with a 32bit random number would be enough. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
- HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Amos Jeffries
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- RE: HTTP/2 and Pervasive Monitoring K.Morgan
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Nilsson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- RE: HTTP/2 and Pervasive Monitoring Albert Lunde
- Re: HTTP/2 and Pervasive Monitoring Cory Benfield
- Re: HTTP/2 and Pervasive Monitoring Erik Nygren
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Roland Zink
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Brian Smith
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Stephen Farrell
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Roland Zink
- Re: HTTP/2 and Pervasive Monitoring Stephen Farrell
- Re: HTTP/2 and Pervasive Monitoring Amos Jeffries
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Ilari Liusvaara
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp