Re: PRISM and HTTP/2.0
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 13 July 2013 10:49 UTC
Cc: HTTP Working Group <ietf-http-wg@w3.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Sat, 13 Jul 2013 11:47:25 +0100
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Subject: Re: PRISM and HTTP/2.0
Archived-At: <http://www.w3.org/mid/73FAE29B-76F5-4F69-B6C5-77DB653C0F2E@cs.tcd.ie>

On 13 Jul 2013, at 11:08, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:

> I would like to advocate that everybody spends a little bit of time
> reconsidering how we design protocols after the PRISM disclosures.
>
> We don't need to have a long discussion about the actual legality
> of the US spy operation, the sheer scale and the kind of efforts
> that went in to it is the relevant message to us.
>
> The take-home message is that encryption will be broken, disabled,
> circumvented or watered down, if it gets in the way of political
> objectives.
>
> We can do three things in light of this:
>
> 1) We can try to add more encryption to fight back.

Sounds good. We probably need better implementation and more deployment as well.

> 2) We can recognize that there needs to be hooks for duly authorized access.

That's not for this WG IMO. RFC 2804 is a BCP that says that.

> 3) We can change or at least influence the political objectives

Not for the IETF IMO.

S

> I think PRISM is ample evidence that #1 will have the 100% certain
> result is that all encryption will be circumvented, with bogus CA
> certs all the way up to PRISM and designed-in backdoors, and the
> net result is less or even no privacy for anybody everywhere.
>
> In my view, that would be very counterproductive.
>
> #2 is not without challenges, but at least there are plausible paths
> from there to a state of affairs where innocent people might still
> have access to private communications, and it might seem to be a
> necessary precondition for any hope on #3
>
> #3 is clearly not inside HTTPbis scope, but it may be time for
> all good nerds to come to the aid of their country and humanity.
>
> A "market based" argument can be made under #3, that if we design
> protocols with the necessary access (#2), programs like PRISM will
> not be cost effective, but that will take some serious effort
> of education and politics.
>
> Anyway: Edward Snowden has moved the rug under the HTTP/2.0
> standardization process, and we should not ignore that.
>
> Think about it.
>
> --
> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
> phk@FreeBSD.ORG | TCP/IP since RFC 956
> FreeBSD committer | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.