On the WebSockets mailing list, there is a heated discussion going on about whether or not WebSockets should be deployed over TLS (aka “https”) or not. The common misconceptions about TLS arise, of course. But it has become increasingly clear that most people view protocol security completely backwards, because of HTTP. (Thanks to Jim Roskind for crystallizing this)
Today, we view the web as two protocols:
Our vantage point is backwards because we started with the notion that security is an “add on”. In today’s hostile networking environment, nothing could be further from the truth. Security is not a feature, but a requirement. Offering an “insecure” version for those that want to play risky should be the optional feature. This just becomes more true when you think of the fact that new protocols will be in use 10 years from now…
Today, we view the web as two protocols:
- HTTP: The protocol of the web
- HTTPS: The secure version of HTTP. Cool!
- HTTPS: The protocol of the web
- HTTP: The insecure version of HTTPS. Yikes!
Our vantage point is backwards because we started with the notion that security is an “add on”. In today’s hostile networking environment, nothing could be further from the truth. Security is not a feature, but a requirement. Offering an “insecure” version for those that want to play risky should be the optional feature. This just becomes more true when you think of the fact that new protocols will be in use 10 years from now…
No comments:
Post a Comment