[Cryptography] [cryptography] STARTTLS for HTTP
Tom Ritter
tom at ritter.vg
Tue Aug 19 09:59:00 EDT 2014
On 18 August 2014 23:29, Tony Arcieri <bascule at gmail.com> wrote:
> Anyone know why this hasn't gained adoption?
>
> http://tools.ietf.org/html/rfc2817
>
> I've been watching various efforts at widespread opportunistic encryption,
> like TCPINC and STARTTLS in SMTP. It's made me wonder why it isn't used for
> HTTP.
What's the point? Anything that speaks HTTP also speaks HTTPS, so
there's no need for the "If you support it, I have TLS available."
Just use any of multitude of redirect mechanisms for your webserver to
kick people onto HTTPS.
> Opportunistic encryption could be completely transparent. We don't need any
> external facing UI changes for users (although perhaps plaintext HTTP on
> port 80 could show a broken lock). Instead, if the server and client
> mutually support it, TLS with an unauthenticated key exchange is used.
I didn't read the draft word for word, but I don't see anything in it
that indicates the client MUST NOT validate the server certificate or
MUST use anonymous ciphersuites. Indeed it seems to say the opposite.
-tom
More information about the cryptography
mailing list