On Fri, Nov 15, 2013 at 6:14 AM, Hannes Tschofenig <
hannes(_dot_)tschofenig(_at_)gmx(_dot_)net> wrote:
Am 15.11.13 11:33, schrieb l(_dot_)wood(_at_)surrey(_dot_)ac(_dot_)uk:
If we had widespread encryption earlier, we wouldn't have an open web.
These are the types of claims we will never find out whether they are true
or not (even though it is not even clear what you mean by 'open' here and
whether it refers to the confidential communication between the browser and
the Web site).
Rob McCool and myself were implementing public key systems on the Web back
in 1993-4. So were EKR and Alan Schifman at EIT.
Have you ever tried to do RSA1024 on a 20MHz machine? How many connections
do you think can be supported on a 200MHz server?
The reason the Web does not have built in crypto is due to the problems of
performance and key distribution. The SSL ecology is not designed to
provide confidentiality except as a side effect. It was designed to make
shopping online as safe as shopping in a store.
What the 'SSL everywhere' schemes are offering is more encryption but with
a weak or non existent authentication model. That is ok if all SSL
everywhere is intended to do is to replace traffic that is currently sent
en-clair without authentication. But this is a weaker security control than
current SSL.
Deferring the hard problems till later is the reason the Web works.
Attempting to boil the ocean is the reason Xanadu could never be finished.
We can make very definite statements about what was practical in 1993.
The strategy is very interesting, the claim is that HTTP 2.0 with SSL is
just as fast as HTTP 1.0. Which sounds good until you remember that the
purported benefit of HTTP 2.0 is performance rather than security.
That might turn out to be a problem.
--
Website: http://hallambaker.com/