[Cryptography] [cryptography] Is it time for a revolution to replace TLS?

Salz, Rich rsalz at akamai.com
Sat May 17 10:06:42 EDT 2014


> One problem that occurred with TLS was that there was an assumption that the job was to secure the reliable stream connection mechanics of TCP.  False assumption.

Not false, that was a design goal.  Make HTTP, which is a TCP protocol, "secure" (for some definition of secure which isn't relevant right now, actually).

> A second problem was that the design was too intertwined with commercial PKI so certs were hung on the side as a millstone for server authentication

SSL was invented to enable electronic commerce, and the concern was that people would have to feel comfortable that they were sending their credit card information to Sears, not Sores. So server-side authentication, in the form of trusted third parties, was felt to be the best way forward. So RSA with certificates was the answer, and IIRC RSA got a piece of Netscape equity in exchange for a license.

Recall that this was all twenty years ago.

> Pretty much nobody uses streams by design, they use datagrams.  

Except for the web, yeah, nobody.

> TLS does the job so badly that using a different method is just as plausible.

Except for the web deployed base, sure.

	/r$

--  
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rsalz at jabber.me; Twitter: RichSalz

