[hybi] On TLS-only Approaches
Eric Rescorla <ekr@rtfm.com> Sun, 22 August 2010 19:45 UTC
Date: Sun, 22 Aug 2010 12:45:58 -0700
Message-ID: <AANLkTikJcbyEZ-Y0FOXni89L8Awa_UBmMMDvLgsOuoou@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
To: Server-Initiated HTTP <hybi@ietf.org>
I'd like to take a brief detour from the topic of framing and (re)discuss the topic of whether we want to require TLS only.

Aside from the obvious security advantages, it appears that TLS-based approaches are likely to be a lot more successful. Adam Langley reports (http://www.ietf.org/mail-archive/web/tls/current/msg05593.html) that their tests show 95% success with TLS-only approaches as compared to 67% with HTTP approaches. This argues that people who want to be successful will choose to run WebSockets over TLS.

OK, you say, so what's the harm in specifying HTTP and HTTPS versions. I see two arguments against this:

(1) It just increases the attack surface.

(2) It means that we're forced to design things into this protocol that we could get from TLS.

Exhibit A for the second argument is of course NPN or something like it. Currently, we're forced to design a handshake that ensures that the client and server are both speaking WebSockets; this is necessarily a bit hacky and likely to either make the proxy problem worse (encryption) or cost us a round trip (MAC handshake). By contrast, if we're really using TLS, then we can just build this mechanism into TLS without paying any penalty.

I just want to get ahead of one possible objection to this line of reasoning: that there is a performance penalty for TLS. Even if you don't find the arguments that TLS perf isn't an issue convincing (http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html), and FWIW I do, if, as I argue, you're going to pay that cost anyway, then our goal should be to minimize the cost of the combined system, and that is easiest to do if we simply assume TLS all the time.

-Ekr
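The message's "Exhibit A" is the check that client and server are both speaking WebSockets, which the author argues should live inside the TLS handshake (NPN) rather than in a separate application-layer exchange. The following Go program is an added illustration of that idea; it is not code from this thread or from any hybi participant. It uses ALPN (RFC 7301, the standardized successor to the NPN extension named in the message) from Go's standard library: the server advertises the application protocols it speaks, the client offers the ones it wants, and agreement, or the lack of it, is settled during the handshake with no extra round trip. The protocol identifier "ws-demo", the host name ws.example.test and the in-memory self-signed certificate are all constructed for the example; "ws-demo" is not a registered ALPN identifier. Both TLS endpoints run in-process over net.Pipe, so nothing touches the network.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// serverName is a constructed placeholder host name; it exists only so the
// client can verify the self-signed certificate generated below.
const serverName = "ws.example.test"

// selfSignedCert builds a short-lived, in-memory self-signed certificate for
// serverName (constructed for this example) so the handshake runs offline.
func selfSignedCert() (tls.Certificate, *x509.CertPool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: serverName},
		DNSNames:     []string{serverName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool, nil
}

// NegotiateProtocol runs one TLS handshake between an in-process client and
// server. The server advertises serverProtos (most preferred first), the client
// offers clientProtos, and the result is the ALPN protocol both sides agreed on
// ("" when the client offered none). An offer with no overlap fails the
// handshake, so the "are we both speaking WebSockets?" question is answered
// before any application data is exchanged.
func NegotiateProtocol(serverProtos, clientProtos []string) (string, error) {
	cert, pool, err := selfSignedCert()
	if err != nil {
		return "", err
	}
	clientSide, serverSide := net.Pipe()
	defer clientSide.Close()
	defer serverSide.Close()
	server := tls.Server(serverSide, &tls.Config{
		Certificates: []tls.Certificate{cert},
		NextProtos:   serverProtos,
		// net.Pipe is synchronous: a TLS 1.3 server writes session tickets in
		// its first flight, and the client does not read past Finished during
		// the handshake, so that write would block forever. Disable tickets.
		SessionTicketsDisabled: true,
	})
	client := tls.Client(clientSide, &tls.Config{
		RootCAs:    pool,
		ServerName: serverName,
		NextProtos: clientProtos,
	})
	serverErr := make(chan error, 1)
	go func() { serverErr <- server.Handshake() }()
	if err := client.Handshake(); err != nil {
		clientSide.Close() // unblock the server if it is still writing to the pipe
		<-serverErr
		return "", err
	}
	if err := <-serverErr; err != nil {
		return "", err
	}
	cp := client.ConnectionState().NegotiatedProtocol
	sp := server.ConnectionState().NegotiatedProtocol
	if cp != sp {
		return "", fmt.Errorf("ALPN mismatch: client saw %q, server saw %q", cp, sp)
	}
	return cp, nil
}

func main() {
	cases := [][2][]string{
		{{"ws-demo", "http/1.1"}, {"http/1.1", "ws-demo"}}, // overlap: server preference wins
		{{"ws-demo"}, nil},                                  // client offers nothing: ""
		{{"ws-demo"}, {"http/1.1"}},                         // no overlap: handshake fails
	}
	for _, c := range cases {
		proto, err := NegotiateProtocol(c[0], c[1])
		fmt.Printf("server=%v client=%v -> proto=%q err=%v\n", c[0], c[1], proto, err)
	}
}
```

The third case in main is the one a defender cares about: a client that offers only protocols the server does not speak is rejected by the server with a no_application_protocol alert inside the handshake, so a mismatch never degrades into an ambiguous byte stream that a proxy or an application has to interpret after the fact.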
- Re: [hybi] On TLS-only Approaches Adam Barth
- Re: [hybi] On TLS-only Approaches John Tamplin
- [hybi] On TLS-only Approaches Eric Rescorla
- Re: [hybi] On TLS-only Approaches Roberto Peon
- Re: [hybi] On TLS-only Approaches John Tamplin
- Re: [hybi] On TLS-only Approaches Adam Barth
- Re: [hybi] On TLS-only Approaches John Tamplin
- Re: [hybi] On TLS-only Approaches Adam Barth
- Re: [hybi] On TLS-only Approaches Mark Nottingham
- Re: [hybi] On TLS-only Approaches Adam Barth
- Re: [hybi] On TLS-only Approaches Maciej Stachowiak
- Re: [hybi] On TLS-only Approaches Maciej Stachowiak
- Re: [hybi] On TLS-only Approaches Maciej Stachowiak
- Re: [hybi] On TLS-only Approaches John Tamplin
- Re: [hybi] On TLS-only Approaches Adam Barth
- Re: [hybi] On TLS-only Approaches Mike Belshe
- Re: [hybi] On TLS-only Approaches Mark Nottingham
- Re: [hybi] On TLS-only Approaches Brian Smith
- Re: [hybi] On TLS-only Approaches Shelby Moore
- Re: [hybi] On TLS-only Approaches Eric Rescorla
- Re: [hybi] On TLS-only Approaches Daniel Stenberg