On Mar 6, 2013, at 6:25 AM, Wendy Roome wrote:

> Thanks, Michael. That's why I brought this up in the first place: I didn't
> know what that statement in -14 meant, and I wanted clarification. I can
> think of at least three interpretations:
>
> 1. If an ALTO server chooses to do authentication/encryption, it must do
> it with SSL/TLS. That is, an ALTO server may choose to offer just an
> unsecured/unauthenticated http: interface, or just a secure https:
> interface, or both.
>
> 2. A server must provide an encrypted/secure SSL/TLS interface as well as
> an unencrypted interface. That is, a compliant ALTO server must support
> both http: and https: requests.
>
> 3. A server is only allowed to provide an encrypted/secure SSL/TLS
> interface. That is, a compliant ALTO server cannot accept unsecured http:
> requests.
>
> I prefer #1. I can live with #2, but I don't think it's necessary. And I
> strongly oppose #3.
>
> - Wendy Roome
Speaking as a network security and network measurement person, I have the opposite reaction. #3 is optimal, #2 I can live with, and I strongly advise against #1.

For server authentication, TLS imposes four costs. Three are trivial: the amount of CPU usage for key exchange, the cost for a certificate (GoDaddy claims $6/year), and the need to use a distinct IP for the hostname if you can't support Server Name Identification. One is real: making sure you don't screw up on installing and rolling the certificate. Both #2 and #3 have the same cost.

But TLS offers a huge advantage: proxies abound, and HTTP proxies even more so. The result is there are an amazing number of network devices which think they are smarter than the traffic, but, well, they aren't. E.g., half of the in-path HTTP caches cache data incorrectly. Cellphone networks now experience image transcoding, etc. If you want to avoid the headaches caused by these too-smart-for-their-own-good middleboxes, you have to use TLS on port 443; it's just about the only port and protocol that's unmolested by the network.

For client authentication, TLS is a pain. But it depends on context: if it's new program to server, TLS client authentication is no worse than ANY other authentication mechanism, as you still have the exchange/pairing problem no matter what. If it's User to Server, it's an utter abominable failure.

_______________________________________________
alto mailing list
https://www.ietf.org/mailman/listinfo/alto
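The three readings of the -14 text and the two real operational points in the reply above (a cleartext listener that middleboxes will mangle, and rolling the certificate before it lapses) are small enough to show as a server skeleton. The Go program below is an added example for this thread; it is not code from the ALTO drafts, from either poster, or from any ALTO implementation. The policy names (TLSOptional, TLSAndPlain, TLSOnly), the hostname alto.example.net, the ports 8080/8443, the stub ALTO handler and the self-signed certificate it mints so that it runs offline are all this example's own assumptions. Under reading #2 the cleartext listener only redirects to the https: origin; under #3 no cleartext listener is opened at all; the TLS side adds an HSTS header so a client that has reached the server once over 443 will not be steered back to port 80 by an in-path proxy, and CertDaysLeft is the "did we roll the certificate in time" check.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"log"
	"math"
	"math/big"
	"net/http"
	"time"
)

// Policy names the three readings of the -14 text discussed in the thread.
type Policy int

const (
	TLSOptional Policy = iota // #1: plain http: is a first-class interface
	TLSAndPlain               // #2: both listeners, plain requests redirected to https:
	TLSOnly                   // #3: no cleartext listener at all
)

// altoHandler is a constructed stand-in for the real ALTO resource handlers.
var altoHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "application/json")
	w.Write([]byte(`{"resources":{}}`))
})

// PlainHandler returns what the cleartext listener should serve under policy p:
// the ALTO service itself (#1), a redirect to the https: origin (#2), or nil,
// meaning "open no cleartext listener" (#3).
func PlainHandler(p Policy, svc http.Handler, httpsHost string) http.Handler {
	switch p {
	case TLSOptional:
		return svc
	case TLSAndPlain:
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			http.Redirect(w, r, "https://"+httpsHost+r.URL.RequestURI(), http.StatusPermanentRedirect)
		})
	default:
		return nil
	}
}

// TLSHandler adds HSTS to every TLS response so a client that has reached the
// server once over 443 will not follow a middlebox back to cleartext later.
func TLSHandler(svc http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Strict-Transport-Security", "max-age=31536000")
		svc.ServeHTTP(w, r)
	})
}

// SelfSignedConfig mints a throwaway certificate for hostname so the example
// runs offline (assumption: a deployment loads its issued chain with
// tls.LoadX509KeyPair instead). With several chains configured, crypto/tls
// selects among them by SNI, so one address can serve several hostnames.
func SelfSignedConfig(hostname string, notBefore, notAfter time.Time) (*tls.Config, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: hostname},
		DNSNames:     []string{hostname},
		NotBefore:    notBefore,
		NotAfter:     notAfter,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &tls.Config{
		MinVersion:   tls.VersionTLS12,
		Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}},
	}, nil
}

// CertDaysLeft reports whole days until the configured leaf expires; the value
// is negative once the certificate has lapsed, i.e. the rollover was missed.
func CertDaysLeft(cfg *tls.Config, now time.Time) (int, error) {
	if len(cfg.Certificates) == 0 {
		return 0, errors.New("no certificate configured")
	}
	leaf := cfg.Certificates[0].Leaf
	if leaf == nil {
		var err error
		if leaf, err = x509.ParseCertificate(cfg.Certificates[0].Certificate[0]); err != nil {
			return 0, err
		}
	}
	return int(math.Floor(leaf.NotAfter.Sub(now).Hours() / 24)), nil
}

func main() {
	host := "alto.example.net" // assumed hostname
	cfg, err := SelfSignedConfig(host, time.Now(), time.Now().Add(90*24*time.Hour))
	if err != nil {
		log.Fatal(err)
	}
	if days, _ := CertDaysLeft(cfg, time.Now()); days < 14 {
		log.Printf("warning: certificate expires in %d days, roll it now", days)
	}
	if plain := PlainHandler(TLSAndPlain, altoHandler, host); plain != nil { // #2; TLSOnly gives nil
		go func() { log.Fatal(http.ListenAndServe(":8080", plain)) }()
	}
	srv := &http.Server{Addr: ":8443", Handler: TLSHandler(altoHandler), TLSConfig: cfg}
	log.Fatal(srv.ListenAndServeTLS("", ""))
}
```

Switching the policy argument in main from TLSAndPlain to TLSOnly is the whole difference between readings #2 and #3: the redirect listener on 8080 disappears and only the TLS listener remains. The CertDaysLeft check is what turns the one "real" cost in the reply into a monitored condition rather than an outage discovered by clients.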
