undefined | Better HN

0 pointsrab_oof11y ago0 comments

It's clear LibreSSL is only a half measure.

TLS is far too complicated with design-by-committee, special vendor extension sauce nonsense. Heck, the FIPS code was rushed and basically done at the behest of US/Canadian govts. OpenSSL should consider burning their deadwood and stop adding features until it gets its house in order.

There's no telling how large of an attack surface remains at the protocol level, in the codebase and with CAs being compelled to issue rogue certs for MITMs.

Moreover: Can TLS features be narrowed to focus on popular and high-value use-cases instead of SCTP, UDP, oh look a bird feature? It's fine for hacking on, but not production code. (If "TLS" is evolutionarily to "Perl," who's working on a "Python"?)

BTW: What ever happened to the cert WoT overlay 'moxie0 was working on?

0 comments

2 comments · 2 top-level

nanolith11y ago

It is true that TLS is part of the problem. But, it is also a widely deployed standard that cannot be changed overnight. That's why LibreSSL is necessary.

We need to build simpler protocols that make better use of cryptographic primitives, but first, we have to push back the tide. Eventually, TLS will be superseded by a better standard. But, this is something that even if started today with the most aggressive schedule would take 5 to 10 years to go industry-wide.

tptacek11y ago

It was scaled back to TACK, a TLS extension that decentralizes certificate authority, which competed with HPKP, a similar but less ambitious standard; HPKP seems to have won. It's not optimal but it's progress.

j / k navigate · click thread line to collapse