
Embracing HTTPS - cpeterso
http://open.blogs.nytimes.com/2014/11/13/embracing-https/
======
Animats
Pushing too hard for HTTPS can lead to HTTPS as security theater. Cloudflare
offers this as a service; they call it "Flexible SSL". They get a multi-domain
SSL certificate for a huge number of unrelated domains, and let people connect
to that. The data is decrypted at Cloudflare, and retransmitted in the clear
to the destination site. The user thinks they have security, and they have a
little, but less than they think. The multi-domain cert makes some attacks
possible. If an attacker can mess with DNS near the client end (perhaps at a
public WiFi access point), and can break into any of the sites listed on the
cert, they can do an MITM attack. A cert with both an important site and a
weakly secured site creates an easy attack target.

Multi-domain certs are used because IPv4 space is full and Windows XP doesn't
support Server Name Indication, which allows a unique cert for different
domains at the same IP address. So if you want SSL on a shared IP address, and
need to support good old IE6 over IPv4, multi-domain certs are necessary. XP
still has 19% market share online, as of October 2014. Everything else has
supported SNI since 2007 or so.

I have a paper on this:

[http://john-nagle.github.io/certscan/whoamitalkingto04.pdf](http://john-nagle.github.io/certscan/whoamitalkingto04.pdf)

This identifies all the major front-end services using shared SSL
certificates. Cloudflare has 36,280 second-level domains tied to
"*.cloudflare.com". Incapsula, the DDoS protection service, has 1471. Once
you're past the top 20 such services, no site has more than about 100. Once
IE6 has died off, the CAs can stop issuing certs containing unrelated domains.
But not yet.

~~~
freerk
SNI is not supported by the schannel implementation of Win XP; it is not an
IE6 thing. IE8 on Win XP doesn't know SNI either :(

~~~
tedunangst
It's also not supported by Python's urllib or feedparser (at least not by
default), meaning any attempt to connect to a service that requires SNI
(CloudFront is one) fails during the handshake.

This is doubly annoying for checking blogs that require https and redirect
http. I have no way to check their RSS feeds.

~~~
Animats
Read this Python bug report for the painful story of SNI support in Python,
2009 through 2014.

[http://bugs.python.org/issue5639](http://bugs.python.org/issue5639)

~~~
tedunangst
Sigh.

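The two threads above (Animats on front-end services whose one certificate covers thousands of unrelated domains, and the SNI subthread) both come down to one check a practitioner can run: connect with SNI, look at the subjectAltName list the server actually presents, and count how many unrelated registrable domains it covers. The following is an added example, not code from Animats' certscan paper, from the Python bug report, or from anything else on the page. The input shape is that of `ssl.SSLSocket.getpeercert()`; `fetch_peercert` obtains it live (passing `server_hostname` is what makes the `ssl` module send SNI) and is the only part not exercised offline. The sample certificate dict, the hostnames in it, the tiny public-suffix stand-in and the threshold of 100 registrable domains (taken from the "no site has more than about 100" remark above) are all assumptions made for the example.

```python
"""Shared-certificate report: which unrelated domains share the cert I was handed?

Added example for the discussion above; not the page author's or Animats' code.
"""
import socket
import ssl
import sys
from collections import Counter

# Assumption: a tiny stand-in for the Public Suffix List.  Real tooling should
# load the full list; these entries are only enough for the constructed sample.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def san_dns_names(peercert):
    """DNS names from the subjectAltName of a getpeercert() dict.

    getpeercert() returns entries as ('DNS', 'example.com'); other kinds
    (IP Address, email) are ignored here.
    """
    return [value.lower() for kind, value in peercert.get("subjectAltName", ())
            if kind == "DNS"]


def registrable_domain(name):
    """Drop a leading wildcard and reduce a host to its registrable domain,
    e.g. '*.cdn.example.co.uk' -> 'example.co.uk', 'www.foo.example' -> 'foo.example'."""
    labels = name.lstrip("*.").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def hostname_matches(hostname, pattern):
    """RFC 6125 style matching as browsers apply it: case-insensitive, and a
    wildcard counts only as the whole left-most label and matches exactly one
    label, so '*.example.com' covers 'www.example.com' but neither
    'example.com' nor 'a.b.example.com'; '*.com' matches nothing."""
    hostname = hostname.lower().rstrip(".")
    pattern = pattern.lower().rstrip(".")
    if "*" not in pattern:
        return hostname == pattern
    plabels, hlabels = pattern.split("."), hostname.split(".")
    if plabels[0] != "*" or len(plabels) < 3 or len(hlabels) != len(plabels):
        return False
    return hlabels[1:] == plabels[1:]


def shared_cert_report(peercert, hostname, shared_threshold=100):
    """Summarise how widely the certificate presented for `hostname` is shared.

    shared_threshold is an assumption taken from the thread: past the big
    front-end services, certs rarely cover more than about 100 domains.
    """
    names = san_dns_names(peercert)
    domains = Counter(registrable_domain(n) for n in names)
    mine = registrable_domain(hostname)
    return {
        "covers_hostname": any(hostname_matches(hostname, n) for n in names),
        "san_count": len(names),
        "registrable_domains": len(domains),
        "shared_frontend": len(domains) > shared_threshold,
        "unrelated_domains": sorted(d for d in domains if d != mine),
    }


def fetch_peercert(host, port=443, timeout=10):
    """Fetch the certificate the server presents for `host` (network; not run offline).

    server_hostname= is what makes the ssl module send SNI.  A client that
    omits it gets whatever default certificate the shared IP serves, or a
    handshake failure from an SNI-only front end, which is the failure the
    urllib/feedparser complaint above describes.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed sample in getpeercert() shape; not a real certificate or real hosts.
SAMPLE_SHARED_CERT = {
    "subject": ((("commonName", "edge.cdn.example"),),),
    "subjectAltName": (
        ("DNS", "edge.cdn.example"),
        ("DNS", "*.edge.cdn.example"),
        ("DNS", "news-site.example"),
        ("DNS", "*.news-site.example"),
        ("DNS", "weak-blog.example"),
        ("DNS", "*.weak-blog.example"),
        ("DNS", "shop.example.co.uk"),
        ("DNS", "*.shop.example.co.uk"),
    ),
}

if __name__ == "__main__":
    # Offline: analyse the constructed sample.  With a host argument, fetch live.
    host = sys.argv[1] if len(sys.argv) > 1 else "www.news-site.example"
    cert = fetch_peercert(host) if len(sys.argv) > 1 else SAMPLE_SHARED_CERT
    for key, value in shared_cert_report(cert, host, shared_threshold=3).items():
        print(f"{key}: {value}")
```

Run it with no arguments to see the sample report, or with a hostname to examine a live front end. `unrelated_domains` is the list to read: every registrable domain on it is one whose traffic terminates at the same key as yours.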
------
rgbrenner
_If you run a news site, or any site at all, we’d like to issue a friendly
challenge to you. Make a commitment to have your site fully on HTTPS by the
end of 2015 and pledge your support with the hashtag #https2015._

This article is funny... written by the CTO for nytimes (et al.)... it asks news
sites to make a commitment to HTTPS... but fails to commit to it for NYTimes.

~~~
peter_l_downs
The page itself is plain HTTP, too.

~~~
AlyssaRowan
Yeah, you don't get to say that when
[https://open.blogs.nytimes.com/2014/11/13/embracing-https/](https://open.blogs.nytimes.com/2014/11/13/embracing-https/) isn't even
_listening_ on port 443.

Dear Akamai: when are you going to make TLS 1.2 support free? Cloudflare has.
:)

~~~
moe
_Dear Akamai: when are you going to make [...] free?_

Lol.

------
igrigorik
For the record, it's worth noting that we're starting from a state that's
nothing short of disastrous: [https://alexgaynor.net/2014/nov/12/state-of-news-tls/](https://alexgaynor.net/2014/nov/12/state-of-news-tls/)

Let's hope that twelve months from now, we're looking at a very different
landscape. Kudos to NYTimes for issuing the challenge. At the very least, this
is an important conversation starter.

------
NickKitchen
It's important to note that the benefits of having SSL far outweigh the
potential problems. The cost is fairly low for a business to have a
certificate for their main domain, and the speed difference is not very
noticeable (to the point that many major social networks have HTTPS on every
page). Every website should be developed with the ability to add HTTPS on
every page.

------
joelrunyon
Two questions on this (from a novice-techie pov):

1. HTTPS is slower. From a practicality standpoint, is it _that_ much slower
that it actually makes a difference from a UX side of things?

2. I've implemented HTTPS on one of my sites, but in Chrome, it's not full
green; it appears as https with the broken lock. Any idea what that means
and how to fix it?

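The second question is not answered in the thread, so here is an added example, not code from the poster or the article. The usual cause of a padlock that is present but degraded or struck through on a page whose certificate is otherwise fine is mixed content: the document is served over HTTPS but loads subresources over plain HTTP (browsers block active mixed content such as scripts and stylesheets and only warn for passive content such as images); certificate chain problems are the other common cause and are not what this code looks for. The scanner below walks a page's HTML, resolves each subresource URL against the page URL, and lists every one that would be fetched over http. The page URL, the HTML and the host names in it are constructed for the example, and the tag/attribute table is a reasonable subset rather than a complete one.

```python
"""Find mixed content: subresources an HTTPS page would fetch over plain HTTP.

Added example for the "broken lock" question above; not the poster's code.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attributes that load a subresource.  Navigation links (<a href>) are
# not mixed content and are deliberately absent.  Assumed subset, not exhaustive.
RESOURCE_ATTRS = {
    "script": ("src",),
    "img": ("src", "srcset"),
    "iframe": ("src",),
    "link": ("href",),          # only rel=stylesheet is considered, see below
    "source": ("src", "srcset"),
    "video": ("src", "poster"),
    "audio": ("src",),
    "object": ("data",),
    "embed": ("src",),
}
# Active mixed content can run code or restyle the page; browsers block it.
ACTIVE_TAGS = {"script", "iframe", "link", "object", "embed"}


class MixedContentScanner(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []      # (tag, absolute_url, 'active' | 'passive')

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): (v or "") for k, v in attrs}
        if tag == "link" and "stylesheet" not in attrs.get("rel", "").lower().split():
            return              # icons, preconnect etc. are not treated here
        for attr in RESOURCE_ATTRS.get(tag, ()):
            if attr not in attrs:
                continue
            if attr == "srcset":
                # "url 1x, url 2x": the URL is the first token of each candidate
                urls = [c.strip().split()[0] for c in attrs[attr].split(",") if c.strip()]
            else:
                urls = [attrs[attr].strip()]
            for url in urls:
                absolute = urljoin(self.page_url, url)   # handles relative and //host paths
                if urlsplit(absolute).scheme == "http":
                    kind = "active" if tag in ACTIVE_TAGS else "passive"
                    self.findings.append((tag, absolute, kind))


def find_mixed_content(html, page_url):
    """Return [(tag, url, kind), ...] for every http:// subresource on the page."""
    scanner = MixedContentScanner(page_url)
    scanner.feed(html)
    scanner.close()
    return scanner.findings


def padlock_verdict(findings):
    """'blocked' if any active content is mixed, 'degraded' if only passive, else 'clean'."""
    kinds = {kind for _, _, kind in findings}
    if "active" in kinds:
        return "blocked"
    if "passive" in kinds:
        return "degraded"
    return "clean"


# Constructed sample page; hosts and paths are made up for the example.
SAMPLE_URL = "https://www.example/blog/post/"
SAMPLE_PAGE = """
<html><head>
<link rel="stylesheet" href="http://cdn.example/site.css">
<link rel="stylesheet" href="/static/local.css">
<script src="//cdn.example/app.js"></script>
<script src="http://analytics.example/t.js"></script>
</head><body>
<img src="images/logo.png">
<img src="http://images.example/banner.jpg">
<img srcset="http://images.example/a-1x.jpg 1x, https://images.example/a-2x.jpg 2x">
<a href="http://other.example/">a plain link is not mixed content</a>
</body></html>
"""

if __name__ == "__main__":
    found = find_mixed_content(SAMPLE_PAGE, SAMPLE_URL)
    for tag, url, kind in found:
        print(f"{kind:7s} <{tag}> {url}")
    print("padlock:", padlock_verdict(found))
```

Fixing the findings is usually a matter of switching the references to `https://` or to protocol-relative `//host/path` (which the scanner resolves to https here, as a browser would), or serving the assets from the site's own host. Re-run after the change until the verdict is `clean`.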
~~~
kijin
If you just put a static "Hello World" webpage on a server and try to
benchmark it with something generic like `ab`, yes, HTTPS appears to be
several times slower than HTTP.

If you put a real web application on that server, enable all the bells and
whistles (keep-alive, session cache, OCSP stapling, SPDY, etc), and configure
your benchmark tool to make use of those features, the performance penalty of
HTTPS becomes less than 5%.

And that was a couple of years ago on a relatively low-end VPS. Nowadays, the
difference is probably even smaller.

~~~
avian
> If you just put a static "Hello World" webpage on a server and try to
> benchmark it with something generic like `ab`, yes, HTTPS appears to be
> several times slower than HTTP.

Can you suggest a benchmark tool that can be used to give a more realistic
figure than `ab`? I know jmeter can do session caching, but I find its
interface baffling and I can't find a pre-made configuration.

I recently compared performance of my home ARM server when serving my blog
through HTTP and HTTPS:

[https://www.tablix.org/~avian/blog/archives/2014/11/cubietru...](https://www.tablix.org/~avian/blog/archives/2014/11/cubietruck_ssl_performance/)

~~~
kijin
Sorry, it's been a while since I've looked at HTTP/S benchmarking tools, so I
can't say which one has the latest & greatest features.

By the way, did you use `ab` with the `-k` option when you ran those
benchmarks? Testing HTTPS without keep-alive is utterly meaningless, since
every browser aggressively reuses HTTPS connections nowadays.

------
101914
"In light of a growing number of cyber security and data privacy concerns,
replacing HTTP with its secure alternative, HTTPS, is becoming increasingly
important."

s/its secure alternative/a secure alternative/ s/,HTTPS,//

This NYT blog post reads like an advertisement.

If the newspaper is worried about guaranteeing the authenticity of its web
content, then why don't they publish their SSL certificate in the print
version? For scanning/OCR.

No third-party CA needed.

When connecting to the desired website, I can check for the correct
certificate myself, thanks. This is not a perfect solution, but it is better
than third-party CAs or letting third parties embed certificates in browsers
where no user ever looks at them. In my opinion.

------
Panino
To push the ball forward, major link aggregators like reddit could implement
HTTPS Everywhere style code. The front page has numerous examples of linked
content over plaintext http that is also offered over https.

------
yuhong
BTW, nytimes.com is TLS 1.3 intolerant.
[https://www.ssllabs.com/ssltest/analyze.html?d=nytimes.com&s...](https://www.ssllabs.com/ssltest/analyze.html?d=nytimes.com&s=170.149.168.130)

------
spacefight
"By the end of 2015".

How about do it by the end of next quarter, seriously!?

------
gojomo
It's so critically important, we'll commit to doing it within 14 months.

