[ALUG] Mozilla will obsolete HTTP

Miku, E. Cornelius miku at habari.co.tz
Mon May 4 19:15:02 EAT 2015


Interesting discussion, good going guys.

I think Security is as much technical as it is political.

The main discussion here is Securing HTTP traffic, and from my technical
point of view the best way to do that is from the source(server side), that
means it's a web/host master's job.

But what if this person doesn't really know what they are doing? Let's
agree of the qualities the Internet should have Safety[1] is a major one.
And for it to prosper there must standards and a way to make sure they are
followed.

Mozilla's and Google's approach is similar to how email currently operates.
The postmaster(who knows what they're doing) can easily control/force users
to use SSL/TLS OR set parameters to delay/reject/etc emails from
misconfigured servers. But with HTTP the only way of forcing the
webmaster's hand is from the client(the browser).
As long as the standards these browsers are enforcing are the same
standards developed by the Internet community through public consensus.

[1] The Safety in mind here is the kind of safety that not anyone you
pissed off can Google a tutorial and easily compromise your
security/privacy, or any kid who knows how to use Wireshark can end up
causing some serious damage. So at least for me I see what they are trying
to do is a good start.
Safety from Governments and these 3-letter Agencies(as Richard call them)
that have backdoors in OpenSSL and run CAs all over the World will remain
political and a fight for another day, if they want to compromise your
privacy they can and will do it regardless. In other words you're (as Alan
put it)screwed.

PS. I see there's a lot of interest on this subject may be we should put it
in schedule of future discussions(meets) and may be Andreas and myself will
talk about security/encryption/cryptography before it.

Cheers,

-- 
Miku
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20150504/2f6463d2/attachment.html>


More information about the Linux mailing list