
Re: https

2011-08-27 09:45:22
On 8/26/2011 12:18 AM, t.petch wrote:
> Why does the IETF website consider it necessary to use TLS to access the
> mailing list archives, when they all appeared without it, or any other
> security, in the first place?

There is a general move towards using https for all web exchanges, as already noted on this thread. When a server-side cert is used, this includes protection against man-in-the-middle attacks.

As for providing confidentiality when the data are actually public, yeah, that's kind of wasted, but the web service can't know whether the data needs protecting. For example you might be logging in to your mailing list account.

However, as Eliot notes, there is a degree of data authentication this provides.

As for the alternative of object-based signing, that's good in theory, but not as well deployed -- and some current IETF wg activity seeks to remedy this(*) -- and therefore not an immediately superior choice. (As a fan of object-based signing, I would rather have the authentication be object-based.)



On 8/26/2011 10:29 PM, Glen Zorn wrote:
> I could have sworn that TLS was an e2e mechanism.  Maybe you're using
> the term "hop" in a manner unfamiliar to me?

Evidently so.

The likely disparity is with applications that have their own store-and-forward model, as already noted on this thread. TLS covers only one step (hop) in the sequence; by definition, that's not end2end.

And note that this is a rather larger set of apps than most people realize.

The modern web, for example, is highly store and forward at the application level. First, the author is typically far removed from the server that provides the data. Second, caches and proxies mediate the exchange. TLS protects none of the intermediary processes.

In other words, with respect to application-level protection, TLS is equivalent to a link-level protocol. It is 'direct' between two apps participants during an immediate exchange. It does not cover the sequence of nodes at the application level. Having a sequence of TLS sessions provides protection of the communication exchanges, but does not protect within the nodes mediating the (apps-level) e2e sequence.

In other words, "end to end" is a relative construct. Even email is not end2end, relative to some processes that use email, such as EDI...


d/


(*) A fundamental issue that arises especially for object-based signing is which identifier to use. There is a very large difference between having it signed by the author's organization, versus by the web server operator, for example.

--

  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
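The hop-versus-object distinction drawn in the reply above, as an added simulation (this is example code written for this page, not code from the post, the IETF, or any tool it mentions). It walks one object along a store-and-forward chain, author to origin server to cache to reader, with every hop channel-protected, and lets the cache node rewrite the body while it holds it. An HMAC under a per-hop key stands in for TLS record integrity; Ed25519 stands in for object-based signing; the reader is assumed to already hold the author's public key out of band. Names such as `Deliver` and `hop` are invented for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Object is what moves through the store-and-forward chain: the author's
// bytes plus a detached signature the author made over exactly those bytes.
type Object struct {
	Body []byte
	Sig  []byte
}

// hop is one direct, channel-protected exchange between two adjacent nodes.
// A fresh random key per hop stands in for a fresh TLS session per hop, and
// the HMAC stands in for TLS record integrity. This is an assumption made for
// the example, not an implementation of TLS.
type hop struct{ key []byte }

func newHop() hop {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		panic(err)
	}
	return hop{key: k}
}

// send MACs whatever the sending node currently holds.
func (h hop) send(body []byte) (wire, tag []byte) {
	m := hmac.New(sha256.New, h.key)
	m.Write(body)
	return body, m.Sum(nil)
}

// recv verifies the MAC on this hop only.
func (h hop) recv(wire, tag []byte) ([]byte, bool) {
	m := hmac.New(sha256.New, h.key)
	m.Write(wire)
	return wire, hmac.Equal(tag, m.Sum(nil))
}

// Deliver moves an object author -> origin server -> cache -> reader over
// three channel-protected hops. If tamperAtCache is set, the cache node
// rewrites the body while it holds it, i.e. inside a node, not on any wire.
// It returns whether every hop's channel check passed and whether the
// reader's check of the author's signature passed.
func Deliver(tamperAtCache bool) (hopsOK, objectOK bool) {
	authorPub, authorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Assumption: the reader obtained authorPub out of band. Which key the
	// reader should trust (author's vs server operator's) is exactly the
	// identifier question raised in the footnote of the post.

	// Constructed sample body.
	body := []byte("Subject: Re: https\n\nTLS covers one hop; object signing covers the object.\n")
	obj := Object{Body: body, Sig: ed25519.Sign(authorPriv, body)}

	hopsOK = true

	// Hop 1: author -> origin server.
	h1 := newHop()
	wire, tag := h1.send(obj.Body)
	serverCopy, ok := h1.recv(wire, tag)
	hopsOK = hopsOK && ok

	// Hop 2: origin server -> cache.
	h2 := newHop()
	wire, tag = h2.send(serverCopy)
	cacheCopy, ok := h2.recv(wire, tag)
	hopsOK = hopsOK && ok

	// Inside the cache node the hop-2 protection has already been checked
	// and stripped, so nothing at the channel level can notice this edit.
	if tamperAtCache {
		cacheCopy = bytes.Replace(cacheCopy, []byte("covers the object"), []byte("is pointless"), 1)
	}

	// Hop 3: cache -> reader. The cache is a legitimate endpoint of this hop,
	// so it MACs whatever it now holds and the reader's channel check passes.
	h3 := newHop()
	wire, tag = h3.send(cacheCopy)
	readerCopy, ok := h3.recv(wire, tag)
	hopsOK = hopsOK && ok

	// End-to-end check. The detached signature is carried alongside the body
	// (assumed forwarded unchanged here); it was made over the author's bytes,
	// not over whatever the cache chose to forward.
	objectOK = ed25519.Verify(authorPub, readerCopy, obj.Sig)
	return hopsOK, objectOK
}

func main() {
	for _, tamper := range []bool{false, true} {
		h, o := Deliver(tamper)
		fmt.Printf("tamper at cache=%v: all hop checks passed=%v, author signature verifies=%v\n", tamper, h, o)
	}
}
```

Both runs report every hop check as passed; only the tampered run fails the author's signature. That is the post's point in code: a chain of per-hop sessions protects each wire, but the object is re-originated at every node, so only a signature bound to the object and to the author's identity reaches the reader end to end.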
