Re: people.debian.org will move from ravel to paradis and become HTTPS only
Op zondag 20 juli 2014 09:23:55 schreef u:
> On Sun, Jul 20, 2014, at 08:15, Wouter Verhelst wrote:
> > Additionally, since debian.org uses DNSSEC, if you can somehow MITM
> > people.debian.org then due to DANE you can MITM it for HTTP as well as
> > HTTPS, so forcing HTTPS really doesn't gain you much.
> But that implies that the attacker has access to private keys, and in
> case you are so screwed.
My point exactly: if someone can somehow MITM people.debian.org they
have access to private key material that they shouldn't have access to.
> The possibility of stolen private keys should not be argument for not
> implementing security.
I'm not against implementing security -- I'm against forcing https where
it makes no sense.
> > > There are lots of attack vectors. It's not a response to a single
> > > attack being exploited in the wild.
> > So name one?
> Pervasive monitoring. Really we should introduce encryption
I realize that in these days of Snowden and similar things it is
fashionable to say that there's someone snooping every connection
everywhere, but I don't think that's a) a very strong argument, or b)
blocked by use of HTTPS (if the "pervasive monitoring" kind of people
like the NSA want to, they'll just subpoena those who have access to the
secret data and get what they want).
Additionally, and again, I'm not against allowing HTTPS for those who
want to make pervasive monitoring harder--I'm against disabling plain
HTTP just for the sake of it. Sure, enable HTTPS, and yeah, sure, enable
HSTS too. But disabling HTTP? That doesn't serve any useful purpose.
It is easy to love a country that is famous for chocolate and beer
-- Barack Obama, speaking in Brussels, Belgium, 2014-03-26