
Thou Shalt Use TLS? - gthank
http://www.mnot.net/blog/2010/07/23/spdy_tls
======
briansmith
I think Mark's comments here are representative of our whole industry's
reluctance to recognize our end-users' right to privacy. Once privacy becomes
a fundamental assumption, then TLS will be the bare minimum that is
implemented. (In fact, most HTTPS stacks leak a lot of information, so
additional measures are necessary.) Caching intermediary proxies won't even
enter the debate because, while they are a significant optimization, they are
completely at odds with this fundamental right.

This is only a debate because, historically, we've completely ignored users'
fundamental right to privacy due to performance concerns. Now, the folklore of
SSL/TLS performance is largely out of date, but people are still building
software using those outdated assumptions. Plus, people (especially at Intel,
Sun/Oracle, and Google) are working right now to significantly reduce TLS
overhead. IMO, it would be negligent to build a public system to be deployed
in the next year that doesn't offer users basic protection from eavesdropping.

Signed HTTP is no alternative to TLS. Most users want repudiation and privacy,
not non-repudiation and non-privacy. In other words, they want their actions
to be hidden, and they don't want people to have proof of their actions
(signed HTTP requests) available after the fact. (TLS provides some level of
repudiation because application data is encrypted using symmetric keys, so
either side can forge the other side's traffic.)

Mark has a good point that using TLS basically renders (caching) HTTP proxies
useless. But, really, HTTP proxies have been holding back the internet for
years. It is too easy to make a HTTP proxy that works for HTTP 1.0 and doesn't
work for HTTP 1.1, and so that's what everybody has done. That is why we can't
deploy HTTP pipelining on the Internet today, even though it was standardized
more than a decade ago in the HTTP 1.1 specification. Bad proxies are the
reason that every HTTP-based protocol has to be made to work using just GET
and POST, instead of (or in addition to) using PUT and DELETE. I'm not going
to miss HTTP proxies one bit.

------
mike-cardwell
I want to use untrusted networks like the WIFI provided at cafes. The only way
I can currently do that securely is by using a VPN back to a network I trust.
If all web traffic was encrypted end to end, I would be able to use untrusted
networks without worrying about all my traffic being sniffed, my sessions
being hijacked, and my ISP inserting adverts into the stream. People use SSH
rather than Telnet for a very good reason.

~~~
mooism2
If all web traffic is encrypted end to end, then either every web site needs
to pay for a tls certificate, or your isp can insert adverts into the stream
anyway.

~~~
agl
You can get certificates for free at startssl.com

~~~
mooism2
Any idea which browsers their root certificate is in? They don't seem to say
in their faq.

