PRISM and HTTP/2.0
Poul-Henning Kamp <phk@phk.freebsd.dk> Sat, 13 July 2013 10:09 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6A9F21F9F30 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 13 Jul 2013 03:09:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tbzs76jLIVgV for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 13 Jul 2013 03:09:24 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 827B021F9E2A for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 13 Jul 2013 03:09:23 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Uxwkm-0006Ow-E7 for ietf-http-wg-dist@listhub.w3.org; Sat, 13 Jul 2013 10:08:36 +0000
Resent-Date: Sat, 13 Jul 2013 10:08:36 +0000
Resent-Message-Id: <E1Uxwkm-0006Ow-E7@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1Uxwkd-0006OD-Rn for ietf-http-wg@listhub.w3.org; Sat, 13 Jul 2013 10:08:27 +0000
Received: from phk.freebsd.dk ([130.225.244.222]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <phk@phk.freebsd.dk>) id 1Uxwkd-0007NK-3N for ietf-http-wg@w3.org; Sat, 13 Jul 2013 10:08:27 +0000
Received: from critter.freebsd.dk (unknown [192.168.48.2]) by phk.freebsd.dk (Postfix) with ESMTP id 980E83EB47 for <ietf-http-wg@w3.org>; Sat, 13 Jul 2013 10:08:05 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.14.7/8.14.7) with ESMTP id r6DA85Ng005673 for <ietf-http-wg@w3.org>; Sat, 13 Jul 2013 10:08:05 GMT (envelope-from phk@phk.freebsd.dk)
To: HTTP Working Group <ietf-http-wg@w3.org>
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Content-Type: text/plain; charset="ISO-8859-1"
Date: Sat, 13 Jul 2013 10:08:05 +0000
Message-ID: <5672.1373710085@critter.freebsd.dk>
Received-SPF: none client-ip=130.225.244.222; envelope-from=phk@phk.freebsd.dk; helo=phk.freebsd.dk
X-W3C-Hub-Spam-Status: No, score=-3.4
X-W3C-Hub-Spam-Report: AWL=-3.399, T_RP_MATCHES_RCVD=-0.01
X-W3C-Scan-Sig: lisa.w3.org 1Uxwkd-0007NK-3N e5872fb216979e98600344dcdb77c099
X-Original-To: ietf-http-wg@w3.org
Subject: PRISM and HTTP/2.0
Archived-At: <http://www.w3.org/mid/5672.1373710085@critter.freebsd.dk>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18741
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
I would like to advocate that everybody spends a little bit of time reconsidering how we design protocols after the PRISM disclosures. We don't need to have a long discussion about the actual legality of the US spy operation, the sheer scale and the kind of efforts that went in to it is the relevant message to us. The take-home message is that encryption will be broken, disabled, circumvented og watered down, if it gets in the way of political objectives. We can do three things in light of this: 1) We can try to add more encryption to fight back. 2) We can recognize that there needs to be hooks for duly authorized access. 3) We can change or at least influence the political objectives I think PRISM is ample evidence that #1 will have the 100% certain result is that all encryption will be circumvented, with bogus CA certs all the way up to PRISM and designed-in backdoors, and the net result is less or even no privacy for anybody everywhere. In my view, that would be very counterproductive. #2 is not without challenges, but at least there are plausible paths from there to a state of affairs where innocent people might still have access to private communications, and it might seem to be a necessary precondition for any hope on #3 #3 is clearly not inside HTTPbis scope, but it may be time for all good nerds to come to the aid of their country and humanity. A "market based" argument can be made under #3, that if we design protocols with the necessary access (#2), programs like PRISM will not be cost effective, but that will take some serious effort of education and politics. Anyway: Edward Snowden has moved the rug under the HTTP/2.0 standardization process, and we should not ignore that. Think about it. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
- PRISM and HTTP/2.0 Poul-Henning Kamp
- Re: PRISM and HTTP/2.0 Stephen Farrell
- Re: PRISM and HTTP/2.0 Mike Belshe
- Re: PRISM and HTTP/2.0 J Ross Nicoll
- Re: PRISM and HTTP/2.0 Roberto Peon
- Re: PRISM and HTTP/2.0 Nicolas Mailhot
- Re: PRISM and HTTP/2.0 Mark Nottingham
- Re: PRISM and HTTP/2.0 Poul-Henning Kamp
- Re: PRISM and HTTP/2.0 Reto Bachmann-Gmür
- Re: PRISM and HTTP/2.0 Nico Williams
- Re: PRISM and HTTP/2.0 Amos Jeffries
- Re: PRISM and HTTP/2.0 Reto Bachmann-Gmür
- Re: PRISM and HTTP/2.0 Nico Williams
- Re: PRISM and HTTP/2.0 Reto Bachmann-Gmür