Crypto Zealots

132 points by r4um about 7 years ago

9 comments

motohagiography about 7 years ago
It is worth reading the article this posted one is in response to. (http://www.circleid.com/posts/20180225_humming_an_open_internet_demise_in_london/)

It has the kind of inflammatory institutional chauvinism one usually expects from bureaucrats defending their turf and moralizing their powers, but it's important to understand the outcomes the people like them are aiming for.

Additionally, ignoring for a moment the usual appeals for intelligence and law enforcement, the coalition of interests the author is referencing includes those interested in enforcing "societal norms," and "support for persons with disabilities."

The first means censorship and those people never seem to go away. But the second has nothing to do with transport layer encryption and appears to be a dogwhistle offering tacit institutional support to political agitators who want to get onside with adding surveillance levers to the internet.

The article could reasonably be interpreted as a threat that if TLS 1.3 is adopted and imposes further costs on pervasive surveillance apparatuses, they will co-operate to further balkanize the internet.
Comment #16551854 (not loaded)
Comment #16552001 (not loaded)
Comment #16553079 (not loaded)
Aissen about 7 years ago
If there's still any doubt that encrypting everything is the right way to go for internet protocols:

"Huge: @Citizenlab catches ISPs invisibly redirecting download requests for popular programs, injecting them with government spyware. Unencrypted web traffic is now provably a critical, in-the-wild vulnerability. 20-30% of top internet sites affected."

https://twitter.com/Snowden/status/972110541408952320
Comment #16554265 (not loaded)
Luker88 about 7 years ago
After reading both the linked article and the original to which this responds, I can say I am one of those Crypto zealots. And not just because I am developing a protocol that encrypts everything end-to-end.

The original article's claims are ludicrous, stating that TLS 1.3 would be basically unlawful, since the ISPs cannot read the data. Then it says that an open internet is bad, citing small, empty pages that go from "there are nazis there" to "this and that political figure is there only thanks to the internet".

The solution is: middleboxes that see all your traffic. ...'cause Trump would not have been elected with your middleboxes or something? That alone is disturbing on many levels.

The author of the linked article points out that it is a bad idea due to what Snowden brought up, but basically stops there.

So please let me say, fuck you and your middleboxes. But not only because of the Snowden revelations.

I have seen middleboxes truncate traffic because they didn't understand a TCP option. Throttle/drop everything because they were way too downsized and could not handle the traffic, some barely able to NAT, let alone do their inspection. Centralized firewalls crashing due to too many packets in memory. Captive portals that spoof DNS so that they can display the login page, except that I can't see that, 'cause HSTS and they don't have the certificate, or my device caches the DNS query result and I can't see that site anymore.

So fuck you and your middleboxes. Especially those that intercept all your TLS traffic, analyze and then pass it through, signed with their CA. Except they didn't really control the original certificate, or you can't control the trusted CAs. Or those that blocked me from updating antiviruses, because guess what, false positives. Or those that MITM your DNS queries, to give you your much needed advertisement, when they don't outright MITM your HTTP to add their advertisement.

Are any of those middleboxes ever updated anyway? By the developers, not by the local admins. Those middleboxes that break stuff and make troubleshooting hell. I have seen too many old, never-updated stuff to believe in your middleboxes anymore.

If a company wants/needs to see/modify the traffic, then fine. On their devices. Install a CA there or install a VPN that tunnels the device to your proxy or something. Why does it have to be transparent, for everyone?

So really, I'm with the author. Fuck you and your fucking middleboxes.
Comment #16552983 (not loaded)
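The captive-portal failure Luker88 describes (spoofed DNS answers, but the portal cannot present a valid certificate for the real site) follows directly from how a browser's HSTS cache works. The following is an added example, not code from the thread or from any browser: a small model of an HSTS cache per RFC 6797 (header parsing, includeSubDomains, max-age expiry, the rule that the header is only honoured over TLS) plus a `navigate` function that decides what the user sees when every DNS answer points at the portal. The host names, timestamps and the portal's certificate name (`portal.wifi.example`) are constructed for the illustration.

```python
"""Model of HSTS (RFC 6797) behaviour behind a DNS-spoofing captive portal.

Added example; not from the thread or from any browser's source. Assumed:
a simplified HSTS cache, constructed host names and timestamps.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Set


@dataclass
class HstsEntry:
    expires: float            # absolute time after which the pin is forgotten
    include_subdomains: bool  # does the pin also cover sub-labels?


def parse_hsts(header: str, now: float) -> Optional[HstsEntry]:
    """Parse a Strict-Transport-Security header value.

    Returns an HstsEntry, or None when max-age=0 (which tells the browser to
    forget the host). Raises ValueError for a malformed header, which RFC 6797
    says the browser must ignore rather than act upon.
    """
    max_age = None
    include_sub = False
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')
        if name == "max-age":
            # max-age may appear only once and must be a non-negative integer
            if max_age is not None or not value.isdigit():
                raise ValueError("malformed max-age directive")
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
    if max_age is None:
        raise ValueError("max-age is required")
    if max_age == 0:
        return None
    return HstsEntry(expires=now + max_age, include_subdomains=include_sub)


class HstsCache:
    """The per-browser store of known HSTS hosts."""

    def __init__(self) -> None:
        self.entries: Dict[str, HstsEntry] = {}

    def note(self, host: str, header: str, now: float, over_tls: bool = True) -> None:
        """Record a header seen on a response; ignored unless received over TLS."""
        if not over_tls:
            return
        try:
            entry = parse_hsts(header, now)
        except ValueError:
            return  # malformed header: leave existing state untouched
        if entry is None:
            self.entries.pop(host.lower(), None)  # max-age=0: forget the host
        else:
            self.entries[host.lower()] = entry

    def is_known(self, host: str, now: float) -> bool:
        """Is host (or a parent with includeSubDomains) an unexpired HSTS host?"""
        labels = host.lower().rstrip(".").split(".")
        for i in range(len(labels)):
            entry = self.entries.get(".".join(labels[i:]))
            if entry is None or entry.expires <= now:
                continue
            if i == 0 or entry.include_subdomains:
                return True
        return False


def navigate(cache: HstsCache, host: str, now: float, portal_cert_valid_for: Set[str]) -> str:
    """What the user sees for http://host/ when DNS resolves everything to the portal.

    portal_cert_valid_for: names the portal's certificate validates for. A portal
    can hold a certificate for its own name, never a trusted one for someone
    else's domain, so an HSTS-pinned host turns into a non-overridable TLS error.
    """
    if cache.is_known(host, now):
        return "portal-page" if host.lower() in portal_cert_valid_for else "hsts-error"
    return "portal-page"  # plain HTTP: the portal simply answers with its login page


if __name__ == "__main__":
    cache = HstsCache()
    # Constructed: example.com once sent this header over a real TLS connection.
    cache.note("example.com", "max-age=31536000; includeSubDomains", now=1000)
    print(navigate(cache, "www.example.com", 2000, {"portal.wifi.example"}))   # hsts-error
    print(navigate(cache, "news.example.org", 2000, {"portal.wifi.example"}))  # portal-page
```

The second call shows why portals work for sites the browser has never pinned, and the first shows why a pinned site yields a blank error page instead of the login form: the spoofed DNS answer is accepted, but the certificate check that HSTS makes mandatory cannot be passed by anyone who does not hold a trusted certificate for the pinned name.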
eadmund about 7 years ago
> We've seen programs such as Let's Encrypt that bring the price of domain name public key certificates down to a base of free.

And, interestingly enough, turn the implicit assumptions behind the whole XPKI infrastructure on their head.

CAs built their business on the idea that we needed to know that sears.com is Sears, Roebuck & Co., while sears.net is a family website. But it turns out that we don't really care: we care that google.com is google.com, and that's it.

What we really want is to know that the IP address we're talking to is the IP address we think we're talking to, and that the IP address we're talking to is the one we looked up for a particular DNS name. What we really want is not an identity-authentication certificate, but rather authorisation certificates.

Over twenty years ago, RFCs 2692 & 2693 (and follow-up draft work) identified the issue, and offered a solution, but the industry stuck with identity-authentication certificates. This is kinda crazy when you think of it: knowing who someone is doesn't guarantee that I want to do business with him.
Comment #16551684 (not loaded)
Comment #16553817 (not loaded)
Comment #16551499 (not loaded)
Comment #16551966 (not loaded)
Comment #16554772 (not loaded)
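eadmund's point is that an authorisation certificate binds a permission to a key rather than a name to a key, and RFC 2693 describes how a chain of such certificates collapses into a single one by "5-tuple reduction". The block below is an added example (not the commenter's code and not the RFC's reference implementation) of that reduction in a deliberately reduced form: signatures are assumed to have been verified already, SPKI's S-expression tag algebra is replaced by plain sets of permission strings with `"*"` meaning "everything", and the keys `K_server`, `K_alice`, `K_bob` are constructed placeholders.

```python
"""Toy SPKI-style authorisation certificates and RFC 2693 5-tuple reduction.

Added example; not from the thread or from any SPKI implementation. Assumed:
signatures already checked, tags modelled as sets of strings ("*" = all),
constructed key names.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

ALL = frozenset({"*"})  # the tag that grants every permission


@dataclass(frozen=True)
class Cert:
    issuer: str            # key (or key hash) that signed the certificate
    subject: str           # key being granted authority
    delegate: bool         # may the subject pass the authority on?
    tag: FrozenSet[str]    # the authority granted
    not_before: int        # validity window, inclusive
    not_after: int


def tag_intersect(a: FrozenSet[str], b: FrozenSet[str]) -> FrozenSet[str]:
    """Intersection of two tags; "*" is the identity element."""
    if a == ALL:
        return b
    if b == ALL:
        return a
    return a & b


def reduce_pair(c1: Cert, c2: Cert) -> Optional[Cert]:
    """RFC 2693 section 6.3, simplified.

    (I1,S1,D1,A1,V1) + (I2,S2,D2,A2,V2) -> (I1,S2,D2,A1 n A2,V1 n V2)
    if and only if S1 == I2 and D1 is true. Returns None when the pair does
    not chain, when the validity windows do not overlap, or when nothing
    survives the tag intersection.
    """
    if c1.subject != c2.issuer or not c1.delegate:
        return None
    not_before = max(c1.not_before, c2.not_before)
    not_after = min(c1.not_after, c2.not_after)
    if not_before > not_after:
        return None
    tag = tag_intersect(c1.tag, c2.tag)
    if not tag:
        return None
    return Cert(c1.issuer, c2.subject, c2.delegate, tag, not_before, not_after)


def reduce_chain(chain: List[Cert]) -> Optional[Cert]:
    """Fold a whole chain, left to right, into one certificate (or None)."""
    acc = chain[0]
    for nxt in chain[1:]:
        acc = reduce_pair(acc, nxt)
        if acc is None:
            return None
    return acc


def authorizes(chain: List[Cert], acl_owner: str, requester: str,
               permission: str, now: int) -> bool:
    """Does the chain prove that acl_owner granted `permission` to requester at `now`?"""
    r = reduce_chain(chain)
    if r is None or r.issuer != acl_owner or r.subject != requester:
        return False
    if not (r.not_before <= now <= r.not_after):
        return False
    return r.tag == ALL or permission in r.tag


if __name__ == "__main__":
    # Constructed scenario: the server's key lets Alice read and write and
    # delegate; Alice hands Bob read-only access without delegation rights.
    server_to_alice = Cert("K_server", "K_alice", True, frozenset({"read", "write"}), 0, 100)
    alice_to_bob = Cert("K_alice", "K_bob", False, frozenset({"read"}), 10, 200)
    chain = [server_to_alice, alice_to_bob]
    print(reduce_chain(chain))                                   # K_server -> K_bob, {read}, 10..100
    print(authorizes(chain, "K_server", "K_bob", "read", 50))    # True
    print(authorizes(chain, "K_server", "K_bob", "write", 50))   # False
```

No name appears anywhere: the verifier ends up holding a statement of the form "the owner of this key is allowed to do X until time T", which is exactly the question eadmund says we actually want answered. Whether the real SPKI tag algebra, its threshold subjects, or its S-expression encoding are worth the complexity is a separate argument that the toy above does not settle.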
tptacek about 7 years ago
The piece in CircleID to which Geoff Huston is responding is pretty clearly a troll, a bid for attention from someone professionally attached to some pretty marginal "standards" groups. It's incoherent and poorly informed. It's possible to make colorable arguments about the need for security protocols that admit to legitimate monitoring. The CircleID piece didn't make any of those.

It's a little embarrassing to see someone of Geoff Huston's stature responding to what is so clearly a plea for recognition from someone who would otherwise have no impact whatsoever on Internet engineering. It's much more embarrassing for CircleID to have published that piece to begin with, but, what do you expect? CircleID is terrible.
Comment #16552993 (not loaded)
davedx about 7 years ago
For me, a "crypto zealot" is somebody who says we shouldn't use SMS based 2FA because it has some vulnerabilities: people who advocate using only the best crypto, or none at all.

This just sounds like building a universal layer of encryption around all communications. It's not zealotry but common sense.
Comment #16551642 (not loaded)
baby about 7 years ago
> A better position is to use QUIC. Not only is the payload encrypted, but the entire transport flow control is covered by the veil of encryption.

I'm not sure I understand his/her point. Maybe this is pointing to QUIC encrypting part of the handshake?
Comment #16552308 (not loaded)
blattimwind about 7 years ago
(Surprisingly the fine article is about cryptography, not fake internet money)
Comment #16551018 (not loaded)
Comment #16551342 (not loaded)
betageek about 7 years ago
> We've seen programs such as Let's Encrypt that bring the price of domain name public key certificates down to a base of free

Only free if you value your time at $0.
Comment #16551025 (not loaded)
Comment #16551045 (not loaded)
Comment #16551026 (not loaded)
Comment #16551456 (not loaded)
Comment #16551022 (not loaded)