Re: draft-ietf-tls-http-upgrade reissued
Julien Pierre (jpierre@netscape.com)
Fri, 05 May 2000 17:22:36 -0700
Hi,
John Stracke wrote:
> Julien Pierre wrote:
>
> > John Stracke wrote:
> >
> > > Just because a client always asks to upgrade doesn't mean the server has to obey.
> >
> > So how does that make the draft useful if the upgrade is never allowed?
>
> Who said never?
>
> A client that wants to use the draft can ask for an upgrade on every HTTP request.
> Servers that aren't willing to spend cycles on TLS for a particular request can just
> ignore the Upgrade: header.
That still does not solve the problem!!!
If the client tries to upgrade to TLS on every request, it will fail 99% of the time,
because servers don't support it. Suppose in 1% of the cases it will actually work.
Now, suppose that in 2% of the cases, the request data was intended to be confidential
and the user really didn't want to submit the data unsecured, but the server didn't
negotiate TLS. The only way for a user to make sure he does not mistakenly submit data
unencrypted is to set up his browser to prompt him on every single HTTP request that
didn't successfully negotiate TLS.
In other words, a waste of time 98% of requests. Do you really find that to be acceptable?
The whole point I'm trying to make is that there should be a way for a web application
that is intended to be secure to enforce that fact and reasonably function on a server
running on a common port with HTTP and TLS upgrade support. The draft does not propose a
way to do that.
It would be as simple as a new type of "httpt" URL - which would tell the user-agent to
connect insecurely with the server, and immediately negotiate a TLS connection; and
otherwise not to proceed if the TLS upgrade fails. This cannot be a global user-agent
setting for reasons explained before - security is not always required nor desirable.
If you really want to get ISPs to stop wasting IP addresses on multiple secure servers,
as well as separate the ports, then you need to make it possible to create new secure web
applications that will work with the new user-agents and servers proposed in the new
draft, without incurring a high risk of falling back to non-secure connections. The draft
is currently too vague in the way that the security is enforced and makes it way too easy
to shoot yourself in the foot and end up with a non-secure connection if the negotiation
fails, rather than aborting.
--
for a good time, try kill -9 -1
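The negotiation the message argues about, written out as an added example (this code is not from the original post, the draft, or its author): a client that sends the draft's Upgrade request, a server that either honours it with 101 Switching Protocols or silently ignores it, and a per-URL policy in the client that aborts instead of falling back to plaintext when the URL scheme demands TLS. The header shape follows the HTTP upgrade mechanism the draft became (RFC 2817); the "httpt" scheme is the proposal from the message, and the function names, host names and the in-memory exchange (no sockets) are constructed for illustration.

```python
"""Client and server halves of an HTTP "Upgrade: TLS/1.0" negotiation,
with a per-URL require-TLS policy instead of a global user-agent setting.
Constructed example: no real network I/O, the exchange happens in memory."""

# Hypothetical scheme from the message: "connect insecurely, upgrade
# immediately, abort if the upgrade fails".  Not a registered scheme.
REQUIRE_TLS_SCHEME = "httpt"


def build_upgrade_request(host: str, path: str) -> bytes:
    """Request the client sends on the plaintext connection (RFC 2817 shape)."""
    return (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        "Upgrade: TLS/1.0\r\n"
        "Connection: Upgrade\r\n"
        "\r\n"
    ).encode("ascii")


def parse_message(raw: bytes):
    """Split an HTTP/1.1 message into (start line, lower-cased header dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("ascii").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def server_handle(request: bytes, tls_supported: bool) -> bytes:
    """Server side: switch protocols only if asked AND TLS is enabled;
    otherwise ignore the Upgrade header and answer in plaintext, which is
    exactly the behaviour the message says most servers will exhibit."""
    _, headers, _ = parse_message(request)
    connection_tokens = [t.strip().lower() for t in headers.get("connection", "").split(",")]
    wants_tls = ("upgrade" in connection_tokens
                 and headers.get("upgrade", "").upper().startswith("TLS/1.0"))
    if wants_tls and tls_supported:
        return (b"HTTP/1.1 101 Switching Protocols\r\n"
                b"Upgrade: TLS/1.0, HTTP/1.1\r\n"
                b"Connection: Upgrade\r\n\r\n")
    body = b"hello"
    return (b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n\r\n" + body)


def client_decide(response: bytes, require_tls: bool) -> str:
    """Client side: 'tls' if the server switched, 'abort' if TLS was required
    but not negotiated, 'plaintext' only when the URL allowed fallback."""
    start_line, headers, _ = parse_message(response)
    status = start_line.split(" ", 1)[1][:3]
    if status == "101" and headers.get("upgrade", "").upper().startswith("TLS/1.0"):
        return "tls"          # TLS handshake would start on this connection here
    if require_tls:
        return "abort"        # never send the confidential request body in the clear
    return "plaintext"        # ordinary http:// URL: fallback is acceptable


def fetch(url: str, server_supports_tls: bool) -> str:
    """Drive one request through the in-memory exchange and return the outcome."""
    scheme, _, rest = url.partition("://")
    host, _, path = rest.partition("/")
    request = build_upgrade_request(host, "/" + path)
    response = server_handle(request, server_supports_tls)
    return client_decide(response, require_tls=(scheme == REQUIRE_TLS_SCHEME))


if __name__ == "__main__":
    for url in ("httpt://bank.example/acct", "http://www.example/"):
        for supported in (True, False):
            print(f"{url:28} server TLS={supported!s:5} -> {fetch(url, supported)}")
```

The policy decision is keyed to the scheme of the URL being fetched, so a site that needs confidentiality can opt in per link while the rest of the web keeps working without a prompt on every non-upgraded request; the only signal the client trusts is an actual 101 carrying "Upgrade: TLS/1.0", not the mere presence of its own request header.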