Re: PRISM and HTTP/2.0
Mike Belshe <mike@belshe.com> Sat, 13 July 2013 18:44 UTC
From: Mike Belshe <mike@belshe.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, HTTP Working Group <ietf-http-wg@w3.org>
Or we can put up an anonymous auction to all governments, and let the highest bidder win the keys to HTTP/2.0.

Mike

On Sat, Jul 13, 2013 at 3:47 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> On 13 Jul 2013, at 11:08, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
>
> > I would like to advocate that everybody spends a little bit of time
> > reconsidering how we design protocols after the PRISM disclosures.
> >
> > We don't need to have a long discussion about the actual legality
> > of the US spy operation, the sheer scale and the kind of efforts
> > that went in to it is the relevant message to us.
> >
> > The take-home message is that encryption will be broken, disabled,
> > circumvented or watered down, if it gets in the way of political
> > objectives.
> >
> > We can do three things in light of this:
> >
> > 1) We can try to add more encryption to fight back.
>
> Sounds good. We probably need better implementation and more deployment as
> well.
>
> > 2) We can recognize that there needs to be hooks for duly authorized access.
>
> That's not for this WG IMO. RFC 2804 is a BCP that says that.
>
> > 3) We can change or at least influence the political objectives
>
> Not for the IETF IMO.
>
> S
>
> > I think PRISM is ample evidence that #1 will have the 100% certain
> > result is that all encryption will be circumvented, with bogus CA
> > certs all the way up to PRISM and designed-in backdoors, and the
> > net result is less or even no privacy for anybody everywhere.
> >
> > In my view, that would be very counterproductive.
> >
> > #2 is not without challenges, but at least there are plausible paths
> > from there to a state of affairs where innocent people might still
> > have access to private communications, and it might seem to be a
> > necessary precondition for any hope on #3
> >
> > #3 is clearly not inside HTTPbis scope, but it may be time for
> > all good nerds to come to the aid of their country and humanity.
> >
> > A "market based" argument can be made under #3, that if we design
> > protocols with the necessary access (#2), programs like PRISM will
> > not be cost effective, but that will take some serious effort
> > of education and politics.
> >
> > Anyway: Edward Snowden has moved the rug under the HTTP/2.0
> > standardization process, and we should not ignore that.
> >
> > Think about it.
> >
> > --
> > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
> > phk@FreeBSD.ORG | TCP/IP since RFC 956
> > FreeBSD committer | BSD since 4.3-tahoe
> > Never attribute to malice what can adequately be explained by incompetence.