Re: HTTP/2 and Pervasive Monitoring
Eliot Lear <lear@cisco.com> Fri, 15 August 2014 19:45 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E6B11A03D1 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 15 Aug 2014 12:45:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.17
X-Spam-Level:
X-Spam-Status: No, score=-15.17 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6IMl71rmR7Oh for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 15 Aug 2014 12:45:21 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E02B71A03D7 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 15 Aug 2014 12:45:20 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1XINOB-0002ps-L9 for ietf-http-wg-dist@listhub.w3.org; Fri, 15 Aug 2014 19:42:15 +0000
Resent-Date: Fri, 15 Aug 2014 19:42:15 +0000
Resent-Message-Id: <E1XINOB-0002ps-L9@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <lear@cisco.com>) id 1XINNr-0002e1-LH for ietf-http-wg@listhub.w3.org; Fri, 15 Aug 2014 19:41:55 +0000
Received: from aer-iport-4.cisco.com ([173.38.203.54]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <lear@cisco.com>) id 1XINNq-0008CV-QS for ietf-http-wg@w3.org; Fri, 15 Aug 2014 19:41:55 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1475; q=dns/txt; s=iport; t=1408131715; x=1409341315; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to; bh=Gi4wVQscQeUEn29D1n5f0C6KLQxxEM+4c4aOqw30vOQ=; b=ZwBUvo6Nh1wrheSpwtHhqmN6OYGmnou93Pb4hcec47a2hH8Yt1FzHHIX cdKtFEjTZyLWpusf9HaRJJ24/TEUE8u/lfhFKjQuRddJZr7Xbh/T4eUaH b/yepmNC7+XFnXO2Pi8YXt6t5JY4zXR3J+Ll5puS87AkgfDb0YXy2LiM/ k=;
X-Files: signature.asc : 486
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqIEAKth7lOtJssW/2dsb2JhbABZg2CDU9JtAYEpd4QEAQEEI1UBEAsYCRYLAgIJAwIBAgFFBg0BBwEBiD6uRJUlF49MB4J5gVMBBJMggUqHU4cnjVeDXjuCfgEBAQ
X-IronPort-AV: E=Sophos;i="5.01,872,1400025600"; d="asc'?scan'208";a="138961208"
Received: from aer-iport-nat.cisco.com (HELO aer-core-2.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP; 15 Aug 2014 19:41:28 +0000
Received: from [10.61.196.246] ([10.61.196.246]) by aer-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id s7FJfQCS002461; Fri, 15 Aug 2014 19:41:26 GMT
Message-ID: <53EE6263.2000802@cisco.com>
Date: Fri, 15 Aug 2014 21:41:23 +0200
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Roland Zink <roland@zinks.de>
CC: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
References: <38BD57DB-98A9-4282-82DD-BB89F11F7C84@mnot.net> <53EDFCC9.1080606@cisco.com> <93E15423-C813-43B9-A7D4-C8490D9F6BAD@zinks.de>
In-Reply-To: <93E15423-C813-43B9-A7D4-C8490D9F6BAD@zinks.de>
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="ChgjDFf6UWcCmiHOINCmnaDsUIhCccfS7"
Received-SPF: pass client-ip=173.38.203.54; envelope-from=lear@cisco.com; helo=aer-iport-4.cisco.com
X-W3C-Hub-Spam-Status: No, score=-13.7
X-W3C-Hub-Spam-Report: AWL=-0.431, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5
X-W3C-Scan-Sig: maggie.w3.org 1XINNq-0008CV-QS 68581eff0cadc258c2acd35dcb7c3231
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2 and Pervasive Monitoring
Archived-At: <http://www.w3.org/mid/53EE6263.2000802@cisco.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/26624
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On 8/15/14, 7:25 PM, Roland Zink wrote: > Don't think that a valid cert really helps here although it may give a > hint about who is responsible. We don't have causality, but we do have data. And so one man's conjecture is as good as the next's. Here's mine: the majority of illicit servers are actually running on hacked systems and the data is being served off a simple HTTP server, where no warning is produced. It costs money to get a cert for that system, which doesn't actually buy the miscreant anything. Eliot
- HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Amos Jeffries
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- RE: HTTP/2 and Pervasive Monitoring K.Morgan
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Nilsson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- RE: HTTP/2 and Pervasive Monitoring Albert Lunde
- Re: HTTP/2 and Pervasive Monitoring Cory Benfield
- Re: HTTP/2 and Pervasive Monitoring Erik Nygren
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Roland Zink
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Brian Smith
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Stephen Farrell
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Roland Zink
- Re: HTTP/2 and Pervasive Monitoring Stephen Farrell
- Re: HTTP/2 and Pervasive Monitoring Amos Jeffries
- Re: HTTP/2 and Pervasive Monitoring Eliot Lear
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Ilari Liusvaara
- Re: HTTP/2 and Pervasive Monitoring Mark Nottingham
- Re: HTTP/2 and Pervasive Monitoring Greg Wilkins
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp
- Re: HTTP/2 and Pervasive Monitoring Martin Thomson
- Re: HTTP/2 and Pervasive Monitoring Poul-Henning Kamp