Snowden's NSA Leaks Gave IETF a Needed Security Wake-up Call 52
alphadogg writes "Security and how to protect users from pervasive monitoring will dominate the proceedings when members of Internet Engineering Task Force meet in London starting Sunday. For an organization that develops the standards we all depend on for the Internet to work, the continued revelations made by NSA whistleblower Edward Snowden have had wide-ranging repercussions. 'It wasn't a surprise that some activities like this are going on. I think that the scale and some of the tactics surprised the community a little bit. ... You could also argue that maybe we needed the wake-up call,' said IETF Chairman Jari Arkko. Part of that work will also be to make security features easier to use and for the standards organization to think of security from day one when developing new protocols."
two words: trusted proxy (Score:5, Insightful)
Re:two words: trusted proxy (Score:4, Insightful)
We need to replace both SSL/TLS AND the broken CA cert model with a new security system specifically designed so its NOT possible to build such a "trusted proxy" or otherwise MITM the connection even if you control the client (i.e. all those corporate solutions that require a special root certificate on the client and then use that to proxy SSL in a way that users generally wont notice unless they start looking at the certificate details)
Re:two words: trusted proxy (Score:5, Insightful)
Uh.. secure communications for the client even if the adversary controls the client? Good luck with that.
Re: two words: trusted proxy (Score:3, Insightful)
I'll give you a hint. If it involves a premise of "trusted" it can't be.