Re: Proposed Statement on "HTTPS everywhere for the IETF"

Not all information needs to be secure, pure and simple, and individual anonymity is more important for the health of internet culture than all the security in the world.<p>This section covers my feelings on the topic:<p>&quot;TLS does not provide privacy. What it does is disable anonymous access to ensure authority. It changes access patterns away from decentralized caching to more centralized authority control. That is the opposite of privacy. TLS is desirable for access to account-based services wherein anonymity is not a concern (and usually not even allowed). TLS is NOT desirable for access to public information, except in that it provides an ephemeral form of message integrity that is a weak replacement for content integrity.&quot;

<i>TLS everywhere is great for large companies with a financial stake in Internet centralization. It is even better for those providing identity services and TLS-outsourcing via CDNs. It&#x27;s a shame that the IETF has been abused in this way to promote a campaign that will effectively end anonymous access, under the guise of promoting privacy.</i><p>I think he makes a very good point here: if browsers did not support plaintext HTTP at all, and only CA-verified TLS, it would be practically impossible for those who want to run a server somewhere, to anonymously serve a site containing public information. If everyone has to obtain a certificate from a CA, that is another way they can be tracked by a central authority.

&gt; Roy Thomas Fielding (born 1965) is an American computer scientist,[1] one of the principal authors of the HTTP specification, an authority on computer network architecture[2] and co-founder of the Apache HTTP Server project.<p><a href="http:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Roy_Fielding" rel="nofollow">http:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Roy_Fielding</a><p>A good read, and he&#x27;s not just blowing smoke.<p>&gt; If the IETF wants to improve privacy, it should work on protocols that provide anonymous access to signed artifacts (authentication of the content, not the connection) that is independent of the user&#x27;s access mechanism.<p>But it seems to me that there is basically no way to request access to any kind of data, without it being traceable in some manner; at the very least the ISP would still see the traffic. I guess you could argue for TOR, but that still allows vectors and has its own issues to worry about.<p>Funny, we need the same kinda access that radio and TV used to provide; where you could just &quot;tune in&quot; to something and have a listen, and you were more or less untraceable; even if you were to broadcast on that frequency your traceability, while triangulable, is still fairly anonymous. But on the internet, there is no such way to broadcast like that. Maybe that&#x27;s a design flaw, maybe it&#x27;s a feature.

100% agree. If you want to ensure the integrity of content, then sign the content. If you want to protect people&#x27;s interactions with websites when exchanging non-public data then use encryption when that&#x27;s warranted. But credential-based encryption should never be used across sites or with public data because (as the poster notes) it just becomes another way in which broader interaction with the Internet can be tracked.<p>It&#x27;s trading yet more liberty for just a little bit more security, and haven&#x27;t we all done enough of that already?

&quot;authentication of the content, not the connection&quot;<p>Popular websites that hold themselves out as businesses, i.e. &quot;exclusive&quot; sources of content (often generated by users, go figure), they have no reason to support this concept. Because then it does not matter where the user gets the content. But they might have reasons to support TLS.<p>One could argue users want authentic content (signed content), not authentic &quot;websites&quot; (single sources for content trying to serve too many users, all at the same time).<p>Or maybe many users do not know the difference?<p>Van Jacobsen gave a good talk on this at Google:<p><a href="http:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=8Z685OF-PS8" rel="nofollow">http:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=8Z685OF-PS8</a><p>There is another thread on the HN front page right now about a Blackhat conference talk on x86 CPUs. There is another talk on that page about how TLS relies on the trustworthiness of internet routing.<p>What is the point of securing connections when you have no control over routing?<p>Instead of relying on securing &quot;connections&quot;, I think schemes that send out &quot;encrypted blobs&quot; with the hope they arrive at the proper destination make more sense.<p>Encrypting blobs is not something for which an &quot;authority&quot; is needed. This is something over which the user can retain full control without involving third parties. As it should be.<p>TLS might have encryption that works well enough to &quot;secure a connection&quot; but if I am not mistaken it still has no reliable way to verify an endpoint (recipient) is the one you want it to be. Some people call that &quot;authentication&quot;.<p>I&#x27;m not even sure that TLS can reliably perform &quot;authentication of the connection&quot; as Fielding states.<p>For that, I think SSH is a better protocol.

This doesn&#x27;t feel right to me. No one can touch this man&#x27;s credentials, but lets suspend the argument of authority for a second and look at what he is saying critically: Is TLS more private overall than plantext http?<p>If you want to remain private, how could TLS prevent this that plaintext would not? HTTP is not tor.

Can anyone explain what he&#x27;s referring to with the statement<p>&gt; <i>with TLS in place, it becomes easy and commonplace to send stored authentication credentials in those requests, without visibility, and without the ability to easily reset those credentials (unlike in-the-clear cookies).</i>?<p>Cookies are orthogonal to presence of TLS, I thought (unless they&#x27;re marked as secure, in which case they are only supplied to https hosts?)<p>Is there some other way of identifying a particular user&#x2F;browser&#x2F;session[1] other than the quirks &amp; features enumerator along hte lines of Panopticlick?<p>If there is (ISTR some &#x27;session storage&#x27; for resuming TLS in nginx), is that cross-trackable across different services (potentially all TLS-terminating in the same place, such as Cloudflare or AWS)?<p>One good point is that I hadn&#x27;t considered is that the lack of proxyability means every request which can&#x27;t be filled from the browser cache <i>must</i> hit the actual endpoint, making it easier for them to follow along action-by-action when it might otherwise have been served up before getting to them by a caching middle-proxy.<p>My (limited) understanding is that you&#x27;re potentially providing more information to the remote service, but are better secured against people snooping on your traffic as it flows between you and them.<p>[1] also not including client certificates, because exactly 1 site on the internet actually uses them :P

I found the title a bit misleading.<p>He&#x27;s arguing that viewing public information over HTTPS is no more private than doing so without encryption.<p>Sure, insofar as an entire response consists only of public information, this is a tautology, isn&#x27;t it?

&gt; If the IETF wants to improve privacy, it should work on protocols that provide anonymous access to signed artifacts (authentication of the content, not the connection) that is independent of the user&#x27;s access mechanism.<p>He basically wants a better version of Freenet. Fine. However, that&#x27;s orthogonal to the effort to make all channels secure channels. IETF can do <i>both</i>, if people are interested. Plaintext TCP needs to die, and building the infrastructure to move everyone to HTTPS is a step in that direction.<p>He shouldn&#x27;t obstruct HTTPS just because it&#x27;s not Freenet(bis). To use his Freenet(bis) vaporware, people will need to become familiar with managing private keys. HTTPS has a similar requirement, so HTTPS Everywhere is a step in the direction he wants to go.

&gt; TLS is NOT desirable for access to public information, except in that it provides an ephemeral form of message integrity that is a weak replacement for content integrity.<p>TLS both encrypts and authenticates the response. Is TLS authentication a &quot;weak replacement&quot; for some other, better &quot;content integrity&quot; system that&#x27;s widely available in browsers?<p>Roy suggests content signatures... but is there a web mechanism to authenticate <i>those</i>? Or is he just wishing there were something better than TLS? (Don&#x27;t we all?)

<p><pre><code> &gt; If the IETF wants to improve privacy, it should work on protocols &gt; that provide anonymous access to signed artifacts (authentication &gt; of the content, not the connection) that is independent of the &gt; user&#x27;s access mechanism. [...] &gt; It would be better to provide content signatures and encourage &gt; mirroring, just to be a good example, but I don&#x27;t expect eggs to &gt; show up before chickens. </code></pre> If I wanted to have the eggs before the chickens, what would I do? Sign my content with PGP? Sign the HTML file? Offer it as separate signed download? Are there examples of pages doing this?

HTTPS link: <a href="https:&#x2F;&#x2F;www.ietf.org&#x2F;mail-archive&#x2F;web&#x2F;ietf&#x2F;current&#x2F;msg93416.html" rel="nofollow">https:&#x2F;&#x2F;www.ietf.org&#x2F;mail-archive&#x2F;web&#x2F;ietf&#x2F;current&#x2F;msg93416....</a>

This sounds like complete PR reality distortion.<p>How exactly is TLS different to plaintext in anonymity? - There is no client-cert.<p>Also HTTPs everywhere does not necessarily mean &quot;real&quot; CAs. Self signed certs, even without pinning, would raise the bar of snooping from monitoring (easy) to traffic manipulation (hard). In this case there would not be a green lock in the address bar of course.<p>This whole thread feels like one propaganda attempt to sway the techinal community. And yes, here is where the people to manipulate are.

I would wager that absolutely no one has ever become uniquely identifable as a result of using TLS. People have MAC and IP addresses tied to their real identities. People have social media profiles and run scripts from dozens of places on every page load.<p>Can someone please describe a situation in which someone reasonably wouldn&#x27;t have been trackable to Google or to the NSA, but becomes trackable as a result of HTTPS?<p>I can&#x27;t think of one. Screw this guy and his politics.

The thing being commented on is here: <a href="https:&#x2F;&#x2F;trac.tools.ietf.org&#x2F;group&#x2F;iesg&#x2F;trac&#x2F;wiki&#x2F;HttpsEverywhere" rel="nofollow">https:&#x2F;&#x2F;trac.tools.ietf.org&#x2F;group&#x2F;iesg&#x2F;trac&#x2F;wiki&#x2F;HttpsEveryw...</a>

&gt;It would be better to provide content signatures and encourage mirroring.<p>What does it mean? Mirror Site?

Is there a way I can view this with line wrapping in Firefox or in Chrome?<p>EDIT: Using Firefox Dev Ed, there&#x27;s a little &quot;Reader View&quot; icon on the right hand side of the address bar that seems to do the trick.

Https for everything is worthy for at least one reason: to shut up the scum operators who insert their ads. Privacy and confidentiality are of a much less importance.

agree also<p>tls is not https3.<p>tls already has been broken 3+ times.<p>this is an open ticket for 1 year in the TLS repo for an exploit.<p>and the author of TLS released a MITM exploit on TLS he wrote (not that other protocols are not vulnerable to MITM)<p>theres no reason to put this in SSH&#x2F;SSL&#x2F;HTTP and run all internet communication over it.

Roy is a wannabe industry shill who plays politics at a very amateur level. Roy could care less about your privacy, as long as ads and tracking work. He fundamentally thinks that ad blocking is theft and that you have no right to privacy.<p>- an ex-tracking protection working group member.