Fri 05 June 2015
I really don't want to get in the middle of the "HTTPS Everywhere" debate, but a
recent message on the topic by Roy Fielding (of REST fame) really
bothered me, so I'll add my voice to the chorus anyway. Let's start with the
non-technical problem with that email, just to get it behind us sooner. Here's
what Fielding has to say near the end of the message.
TLS everywhere is great for large companies with a financial stake in
Internet centralization. It is even better for those providing identity
services and TLS-outsourcing via CDNs. It's a shame that the IETF has been
Yes indeed, abuse is a problem, and that passage is abusive. It implicitly
accuses those on the opposite side of the debate of acting in bad faith,
without even making an exact accusation that can be answered. Such "well
poisoning" has no place in a supposedly technical debate, and I don't think
it's a coincidence that the IETF chair sent out a
discussion style and respect. Even if there are valid concerns about
conflicts of interests, it's better to bring them up in a different forum and
Also, if Fielding wants to talk about conflicts of interest, his
responsibility (as recommended e.g. by the ACM code of ethics) should
be to disclose his own conflicts. How does his public stance on this issue
relate to what his employer (Adobe) wants? How does it relate to his
controversial decision to have the Apache web server ignore "do not track"
requests? He has said that his actions were motivated by a belief that
Microsoft was trying to sabotage DNT by making it a default - some pretty
twisted logic there. Isn't it at least as likely that he's familiar with
such attempts at sabotage because he's involved in one? He's remarkably
effective at it, too. Actions speak louder than words, and his only action
on this issue so far has been distinctly anti-privacy.
Maybe, instead of opening such a can of worms by accusing others, Fielding
should stick to the technical issues. Unfortunately, he's wrong there too.
TLS does not provide privacy. What it does is disable anonymous access to
TLS provides two kinds of functionality: authentication and encryption.
Since it prevents passive collection of data in flight (e.g. at routers),
encryption is clearly
good for privacy. Therefore, for Fielding's claim to
be true, authentication must be at least equally bad for privacy. Is it?
As it turns out, TLS provides two kinds of authentication - servers to
clients, and vice versa. The only way TLS makes clients less anonymous is if
client certificates are used, which they rarely are. I happen to think
that's a shame, because there are many situations where they'd be better than
common alternatives, but that's the way things are nonetheless. Except in a
few rare cases, TLS does nothing to make clients less anonymous than they
were before. Fielding makes a big deal about how the sum of a client's
interactions with many servers can still be used to reveal their identity and
activities, but every bit of that information available with TLS is still
available without TLS. TLS didn't make that part worse.
The only semi-lucid nugget of truth in Fielding's rant is that ubiquity of
TLS makes it more likely that website or application designers will embed
other kinds of credentials in the HTTP/S stream(s). The (clumsily unstated)
assumption is that this information can be harvested
at the endpoints and
used to facilitate the kind of traffic analysis mentioned previously. Well,
perhaps, but these "equalization of risk" arguments tend to cut both ways.
TLS itself makes it safer to send credentials over the wire, and application
designers might well respond by doing so more frequently . . . but why assume
they'll stop there? Might they not equalize again, by adding more safeguards
at the endpoints to prevent misuse of that data? Should we assume that
they won't? The slope's not slippery one moment and sticky the next. That's
even worse than assuming it's slippery throughout.
So, do I think Fielding's wrong, and "HTTPS Everywhere" is a good idea?
Actually, I haven't made up my mind yet. I'm sure there are decent arguments
to be made on both sides. In particular, cache interactions still seem to be
a problem. Perhaps that's why otherwise-smart people who work on caching
have lined up on Fielding's side. If so, I wish they'd present the real
arguments behind their position, because counterfactual claims and ad
hominem attacks just don't cut it. From what has been presented so far, the
argument in favor of HTTPSE looks a lot stronger than the argument against.