On 8/26/2011 12:18 AM, t.petch wrote:
> Why does the IETF website consider it necessary to use TLS to access the
> mailing list archives, when they all appeared without it, or any other
> security, in the first place?
There is a general move towards using https for all web exchanges, as already
noted on this thread. When a server-side cert is used, this includes
protection against man-in-the-middle attacks.
As for providing confidentiality when the data are actually public, yeah, that's
kind of wasted, but the web service can't know whether the data needs
protecting. For example you might be logging in to your mailing list account.
However, as Eliot notes, there is a degree of data authentication this provides.
As for the alternative of object-based signing, that's good in theory, but not
as well deployed -- and some current IETF wg activity seeks to remedy this(*) --
and therefore not an immediately superior choice. (As a fan of object-based
signing, I would rather have the authentication be object-based.)
On 8/26/2011 10:29 PM, Glen Zorn wrote:
> I could have sworn that TLS was an e2e mechanism. Maybe you're using
> the term "hop" in a manner unfamiliar to me?
Evidently so.
The likely disparity is with applications that have their own store-and-forward
model, as already noted on this thread. TLS covers only one step (hop) in the
sequence; by definition, that's not end2end.
And note that this is a rather larger set of apps than most people realize.
The modern web, for example, is highly store and forward at the application
level. First, the author is typically far removed from the server that provides
the data. Second, caches and proxies mediate the exchange. TLS protects none
of the intermediary processes.
In other words, with respect to application-level protection, TLS is equivalent
to a link-level protocol. It is 'direct' between two apps participants during
an immediate exchange. It does not cover the sequence of nodes at the
application level. Having a sequence of TLS sessions provides protection of the
communication exchanges, but does not protect within the nodes mediating the
(apps-level) e2e sequence.
In other words, "end to end" is a relative construct. Even email is not
end2end, relative to some processes that use email, such as EDI...
d/
(*) A fundamental issue that arises especially for object-based signing is which
identifier to use. There is a very large difference between having it signed by
the author's organization, versus by the web server operator, for example.
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
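A simulation of the hop-by-hop versus object-level distinction drawn in the thread above, added here as an example and not part of the thread or of any IETF software: every hop between adjacent nodes is integrity-protected (standing in for a TLS session), a store-and-forward node may rewrite the object inside itself, and the author's object signature is what catches that. The node names, keys, and the use of an HMAC as a stand-in for a public-key signature are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed, simulation-only keys (hypothetical). Each adjacent pair of nodes
# shares a "hop" key standing in for the TLS session between them. The author
# holds a separate key standing in for an object-signing key; a real deployment
# would use a public-key signature (S/MIME, OpenPGP, JWS) so the reader needs
# only the author's public key, but an HMAC keeps this example dependency-free.
HOP_KEYS = {
    ("author", "server"): b"hop-key-1",
    ("server", "cache"): b"hop-key-2",
    ("cache", "reader"): b"hop-key-3",
}
AUTHOR_KEY = b"author-object-key"
PATH = ["author", "server", "cache", "reader"]


def mac(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def sign_object(body: bytes) -> str:
    """The author protects the object itself, independent of any hop."""
    return mac(AUTHOR_KEY, body)


def relay(body: bytes, obj_sig: str, tamper_node=None, tamper_wire=None) -> dict:
    """Forward body along PATH. Each hop is integrity-protected (TLS-like).
    tamper_node: a node that rewrites the body inside itself, after verifying
    its inbound hop and before sending the next one (server, cache, proxy).
    tamper_wire: a hop ('src->dst') on which the bytes are altered in transit."""
    hops_verified = 0
    for src, dst in zip(PATH, PATH[1:]):
        wire_body, wire_tag = body, mac(HOP_KEYS[(src, dst)], body)  # sender side
        if tamper_wire == f"{src}->{dst}":
            wire_body = wire_body.replace(b"IETF", b"EVIL")
        if not hmac.compare_digest(mac(HOP_KEYS[(src, dst)], wire_body), wire_tag):
            return {"body": wire_body, "hops_verified": hops_verified,
                    "failed_hop": f"{src}->{dst}", "object_verified": False}
        hops_verified += 1                      # receiver accepted this hop
        body = wire_body
        if dst == tamper_node:                  # change happens off the wire
            body = body.replace(b"IETF", b"EVIL")
    return {"body": body, "hops_verified": hops_verified, "failed_hop": None,
            "object_verified": hmac.compare_digest(sign_object(body), obj_sig)}
```

A modification on the wire fails the hop check, while a modification inside the cache passes all three hop checks and is caught only by the object signature, which is the point about TLS being link-level at the application layer.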