Am Donnerstag, 4. Juni 2015, 13:57:24 schrieb Roy T. Fielding: > TLS does not provide privacy. What it does is disable anonymous access to > ensure authority. It changes access patterns away from decentralized > caching to more centralized authority control. That is the opposite of > privacy. TLS is desirable for access to account-based services wherein > anonymity is not a concern (and usually not even allowed). TLS is NOT > desirable for access to public information, except in that it provides an > ephemeral form of message integrity that is a weak replacement for content > integrity. Yes, i remember and know several scenarios where providers (mainly in the middle east and africa, where bandwidth is still "expensive") still are using large scale HTTP caching (wie build a few of it in the past) - to "save bandwidth" (costs) and/or improve "surf performance" from their view. HTTPS stuff isn't "usually" cached (except they try to break it by faking all SSL by their own (MitM) "working" certificate, which is afaik less the case in provider networks). This means users have to use the outer side networks to get static HTTP docs in any case / for "each request" - these networks are still often not secured physically or logically (i.e. unencrypted satellite or microwave trunks or fiber over neighbour country territory - encryption still costs ressources/money here...) and so (at least) very easy to sniff by anyone with very small equipment - i.e. jouranlists, hobbyists and - of course - any kind of other guys within i.e. the same satellite footprint. HTTPS brings centralization which leads to the opposite of "privacy" in such cases, but even if smaller networks are running caches this could make user tracking by third parties much more difficult. To provide data integrity (by the entity [like the IETF] BYSELF and not any third party the user has to trust additionally and to read/check by hand each time using a browser session!) content signing would be much more helpful while it allows further access over HTTP caches or even mirrors. And not at least: caching and mirroring could hardly rise data availability - by redundancy and it is more difficult to block access to. See i.e. the former wikileaks mirror network working this way (and i remember how my collegue was tried pressed by german services / police to hand out access to the german wikileaks web domain some years ago...). > If the IETF wants to improve privacy, it should work on protocols that > provide anonymous access to signed artifacts (authentication of the > content, not the connection) that is independent of the user's access > mechanism. +1 I'm not a crypto geek, but for me something what allows i.e. using my own pgp public key to sign (HTTP) documents on request - integrated in browsers / web security standards or similiar, would be a helpful solution. F.i., PGP still needs improvements in the possibilities of (decentralized) trust handling and transparent, dynamic "security levels" (a user has to "decide" which entities he trust in which way on a still more transparent and easier to "manage" level) - but i think that a person or entity should be able to manage trust from his own view onto it - and not mainly/only single others (or a complete branche of as in HTTPS/x509 the case in practice). The PGP principle is the nearest to that att. many thanks, Niels. -- --- Niels Dettenbach Syndicat IT & Internet http://www.syndicat.com PGP: https://syndicat.com/pub_key.asc ---
Attachment:
signature.asc
Description: This is a digitally signed message part.