Re: HTTP/2 and Pervasive Monitoring

Roland Zink <roland@zinks.de> Fri, 15 August 2014 17:29 UTC

From: Roland Zink <roland@zinks.de>
In-Reply-To: <53EDFCC9.1080606@cisco.com>
Date: Fri, 15 Aug 2014 19:25:23 +0200
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <93E15423-C813-43B9-A7D4-C8490D9F6BAD@zinks.de>
References: <38BD57DB-98A9-4282-82DD-BB89F11F7C84@mnot.net> <53EDFCC9.1080606@cisco.com>
To: Eliot Lear <lear@cisco.com>
Subject: Re: HTTP/2 and Pervasive Monitoring
Archived-At: <http://www.w3.org/mid/93E15423-C813-43B9-A7D4-C8490D9F6BAD@zinks.de>


> Am 15.08.2014 um 14:27 schrieb Eliot Lear <lear@cisco.com>:
> 
> Hi Mark,
> 
> Just on these two points, taken together:
> 
>> On 8/15/14, 4:58 AM, Mark Nottingham wrote:
>> One proposal we considered was to require the use of TLS (through https:// URIs) for HTTP/2. However, some members of the community pushed back against this, on the grounds that it would be too onerous for some uses of HTTP (not necessarily CPU; cost and administration of certificates was cited as a burden, as was the follow-on disruption to applications, since transitioning from HTTP to HTTPS often requires non-trivial content changes, due to the way that the browser security model works).
>> 
>> We also discussed an "Opportunistic Security" approach to using TLS for http:// URIs (but without authentication). This was a bit controversial too, as some community members felt that having another, weaker kind of security defined harms the long-term deployment of "full" TLS.
> 
> Some of us have been a little nervous about the spread of infections due
> to encryption with unauthenticated endpoints, making it a bit more of a
> pain for in-path virus checkers and such.  That was raised several
> times.  You saw data published to this list from Cisco saying that this
> wasn't really a problem when the server had a valid cert.
> 
> Eliot
> 
Don't think that a valid cert really helps here, although it may give a hint about who is responsible.
 - the browser is executing potentially dangerous code and may be infected.
 - there are just too many devices in a home to do this efficiently on all the devices.
 - the spy may already be in, for example a TV, and try to smuggle out private data under the TLS.
A central point of control may help users.

This problem should be solved separately and opportunistic encryption increases the need for a solution.

Roland