Am Donnerstag, 4. Juni 2015, 13:57:24 schrieb Roy T. Fielding:
TLS does not provide privacy. What it does is disable anonymous access to
ensure authority. It changes access patterns away from decentralized
caching to more centralized authority control. That is the opposite of
privacy. TLS is desirable for access to account-based services wherein
anonymity is not a concern (and usually not even allowed). TLS is NOT
desirable for access to public information, except in that it provides an
ephemeral form of message integrity that is a weak replacement for content
integrity.
Yes,
i remember and know several scenarios where providers (mainly in the middle
east and africa, where bandwidth is still "expensive") still are using large
scale HTTP caching (wie build a few of it in the past) - to "save bandwidth"
(costs) and/or improve "surf performance" from their view.
HTTPS stuff isn't "usually" cached (except they try to break it by faking all
SSL by their own (MitM) "working" certificate, which is afaik less the case in
provider networks).
This means users have to use the outer side networks to get static HTTP docs
in any case / for "each request" - these networks are still often not secured
physically or logically (i.e. unencrypted satellite or microwave trunks or
fiber over neighbour country territory - encryption still costs
ressources/money here...) and so (at least) very easy to sniff by anyone with
very small equipment - i.e. jouranlists, hobbyists and - of course - any kind
of other guys within i.e. the same satellite footprint.
HTTPS brings centralization which leads to the opposite of "privacy" in such
cases, but even if smaller networks are running caches this could make user
tracking by third parties much more difficult.
To provide data integrity (by the entity [like the IETF] BYSELF and not any
third party the user has to trust additionally and to read/check by hand each
time using a browser session!) content signing would be much more helpful
while it allows further access over HTTP caches or even mirrors.
And not at least: caching and mirroring could hardly rise data availability -
by redundancy and it is more difficult to block access to. See i.e. the former
wikileaks mirror network working this way (and i remember how my collegue was
tried pressed by german services / police to hand out access to the german
wikileaks web domain some years ago...).
If the IETF wants to improve privacy, it should work on protocols that
provide anonymous access to signed artifacts (authentication of the
content, not the connection) that is independent of the user's access
mechanism.
+1
I'm not a crypto geek, but for me something what allows i.e. using my own pgp
public key to sign (HTTP) documents on request - integrated in browsers / web
security standards or similiar, would be a helpful solution.
F.i., PGP still needs improvements in the possibilities of (decentralized)
trust handling and transparent, dynamic "security levels" (a user has to
"decide" which entities he trust in which way on a still more transparent and
easier to "manage" level) - but i think that a person or entity should be able
to manage trust from his own view onto it - and not mainly/only single others
(or a complete branche of as in HTTPS/x509 the case in practice). The PGP
principle is the nearest to that att.
many thanks,
Niels.
--
---
Niels Dettenbach
Syndicat IT & Internet
http://www.syndicat.com
PGP: https://syndicat.com/pub_key.asc
---
signature.asc
Description: This is a digitally signed message part.