Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Wikipedia: Wikitech

How's the SSL thing going?

  

 
First page Previous page 1 2 Next page Last page  View All Wikipedia wikitech RSS feed   Index | Next | Previous | View Threaded


jeremy at tuxmachine

Jul 31, 2013, 2:00 PM

Post #26 of 41 (92 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Wed, Jul 31, 2013 at 8:56 PM, Paul Selitskas <p.selitskas [at] gmail> wrote:
> Yes, that is exactly what I do. But Google, for instance, redirects me to
> HTTP, and if I've logged via HTTPS recently, I would have to log in once
> again via HTTP. It's very frustrating.

I think you've misinterpreted. "HTTPS Everywhere" is a proper noun.
https://www.eff.org/https-everywhere

> Are there public statistics on HTTPS
> v. HTTP processed requests share for Wikimedia? Rough numbers?

I have no idea.

> For inexperienced users yet concerned about privacy, there should be an
> HTTP/HTTPS switch in the Preferences page. We have one at the
> registration/log-in page, but I'd like MediaWiki to remember that I want to
> use HTTPS only.

That was considered but I believe the consensus was not to do that.
Instead we will (eventually) force all logged in users to HTTPS as
long as they're logged in. (So like your proposal except that the
preference is hidden and always enabled for everyone)

-Jeremy

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


mflaschen at wikimedia

Jul 31, 2013, 2:29 PM

Post #27 of 41 (91 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On 07/31/2013 04:35 PM, Tyler Romeo wrote:
> Like I've said before, the NSA spying on what users are reading is still
> the least of our concerns. We should focus on making sure passwords aren't
> sent over plaintext before attempting to evade a government-run
> international spy network.

I'm not sure what that has to do with the the message you replied to. I
completely support rolling out HTTPS where possible (I'm using HTTPS
Everywhere already).

I was agreeing that we need to be aware of Risker's concern (other
people have mentioned it too, of course) that we not effectively lock
out users in China and other countries that may block SSL. It's
important to remember that people in China still can and do edit
Wikipedias in other languages, too.

This applies if we mandate secure login in such countries, too.

As for government-run spy networks, we don't know what their full
capabilities are. But there are plenty of benefits to rolling out SSL
regardless, even just for privacy from the person at the other end of
the coffee shop. Firesheep, anyone?

Matt Flaschen

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


tylerromeo at gmail

Jul 31, 2013, 2:34 PM

Post #28 of 41 (91 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Wed, Jul 31, 2013 at 5:29 PM, Matthew Flaschen
<mflaschen [at] wikimedia>wrote:

> I'm not sure what that has to do with the the message you replied to. I
> completely support rolling out HTTPS where possible (I'm using HTTPS
> Everywhere already).
>

Sorry I might have highlighted the wrong message when replying. I was
referring to the discussion about how TLS doesn't entirely solve the
problem and that we should start adding random packets in order to prevent
traffic analysis.

*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2016
Major in Computer Science
www.whizkidztech.com | tylerromeo [at] gmail
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


rlane32 at gmail

Jul 31, 2013, 2:45 PM

Post #29 of 41 (91 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Wednesday, July 31, 2013, Ryan Lane wrote:

> On Wed, Jul 31, 2013 at 1:06 PM, David Gerard <dgerard [at] gmail<javascript:_e({}, 'cvml', 'dgerard [at] gmail');>
> > wrote:
>
>> Oh - if anyone can authoritatively compose a WMF blog post on the
>> state of the move to SSL (the move to logins and what happened there,
>> the NSA slide, ongoing issues like browsers in China, etc), that would
>> probably be a useful thing :-)
>>
>>
> I'll be posting blog posts each step of the way as we move to SSL. We have
> plans on SSL for anons by default, but there's no official roadmap for
> doing so.
>
>
A follow up: I've started writing a blog post about this and hope to have
something postable by tomorrow.

- Ryan
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


george.herbert at gmail

Jul 31, 2013, 2:59 PM

Post #30 of 41 (91 views)
Permalink
Re: How's the SSL thing going? [In reply to]
It would be useful to focus on the short term problem and solution; the coming quantum computer factoring factory issue which will render large-prime crypto less useful is still on the horizon.

The big threat is lack of basic HTTPS everywhere. The second is site key security (ensuring the NSA never gets your private keys). The third is perfect forward security with rapid key rotation.


George William Herbert
Sent from my iPhone

On Jul 31, 2013, at 2:45 PM, Ryan Lane <rlane32 [at] gmail> wrote:

> On Wednesday, July 31, 2013, Ryan Lane wrote:
>
>> On Wed, Jul 31, 2013 at 1:06 PM, David Gerard <dgerard [at] gmail<javascript:_e({}, 'cvml', 'dgerard [at] gmail');>
>>> wrote:
>>
>>> Oh - if anyone can authoritatively compose a WMF blog post on the
>>> state of the move to SSL (the move to logins and what happened there,
>>> the NSA slide, ongoing issues like browsers in China, etc), that would
>>> probably be a useful thing :-)
>>>
>>>
>> I'll be posting blog posts each step of the way as we move to SSL. We have
>> plans on SSL for anons by default, but there's no official roadmap for
>> doing so.
>>
>>
> A follow up: I've started writing a blog post about this and hope to have
> something postable by tomorrow.
>
> - Ryan
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


bawolff at gmail

Jul 31, 2013, 3:03 PM

Post #31 of 41 (91 views)
Permalink
Re: How's the SSL thing going? [In reply to]
> As for government-run spy networks, we don't know what their full
> capabilities are. But there are plenty of benefits to rolling out SSL
> regardless, even just for privacy from the person at the other end of
> the coffee shop. Firesheep, anyone?
>
> Matt Flaschen

I agree that there's lots of benefits to ssl, and its something that
we really should do. I just think we should be clear on our threat
model, and not mislead people into thinking it will protect them from
an entity with the resources of a state. SSL is too often banded about
as being something which will totally prevent government type spying.

--bawolff

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


tylerromeo at gmail

Jul 31, 2013, 5:22 PM

Post #32 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
Also, on a side note, Facebook *just* made HTTPS the default:

https://www.facebook.com/notes/facebook-engineering/secure-browsing-by-default/10151590414803920

*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2016
Major in Computer Science
www.whizkidztech.com | tylerromeo [at] gmail


On Wed, Jul 31, 2013 at 6:03 PM, Brian Wolff <bawolff [at] gmail> wrote:

> > As for government-run spy networks, we don't know what their full
> > capabilities are. But there are plenty of benefits to rolling out SSL
> > regardless, even just for privacy from the person at the other end of
> > the coffee shop. Firesheep, anyone?
> >
> > Matt Flaschen
>
> I agree that there's lots of benefits to ssl, and its something that
> we really should do. I just think we should be clear on our threat
> model, and not mislead people into thinking it will protect them from
> an entity with the resources of a state. SSL is too often banded about
> as being something which will totally prevent government type spying.
>
> --bawolff
>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


lcarr at wikimedia

Jul 31, 2013, 5:31 PM

Post #33 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Wed, Jul 31, 2013 at 5:22 PM, Tyler Romeo <tylerromeo [at] gmail> wrote:
> Also, on a side note, Facebook *just* made HTTPS the default:
>
> https://www.facebook.com/notes/facebook-engineering/secure-browsing-by-default/10151590414803920
>

As an FYI - facebook, a site where every person is logged in and
possibly seeing non-public content is very different than Wikimedia.


> *-- *
> *Tyler Romeo*
> Stevens Institute of Technology, Class of 2016
> Major in Computer Science
> www.whizkidztech.com | tylerromeo [at] gmail
>
>
> On Wed, Jul 31, 2013 at 6:03 PM, Brian Wolff <bawolff [at] gmail> wrote:
>
>> > As for government-run spy networks, we don't know what their full
>> > capabilities are. But there are plenty of benefits to rolling out SSL
>> > regardless, even just for privacy from the person at the other end of
>> > the coffee shop. Firesheep, anyone?
>> >
>> > Matt Flaschen
>>
>> I agree that there's lots of benefits to ssl, and its something that
>> we really should do. I just think we should be clear on our threat
>> model, and not mislead people into thinking it will protect them from
>> an entity with the resources of a state. SSL is too often banded about
>> as being something which will totally prevent government type spying.
>>
>> --bawolff
>>
>> _______________________________________________
>> Wikitech-l mailing list
>> Wikitech-l [at] lists
>> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
>>
> _______________________________________________
> Wikitech-l mailing list
> Wikitech-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l



--
Leslie Carr
Wikimedia Foundation
AS 14907, 43821
http://as14907.peeringdb.com/

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


wikimail at inbox

Jul 31, 2013, 9:28 PM

Post #34 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Wed, Jul 31, 2013 at 5:59 PM, George Herbert <george.herbert [at] gmail>wrote:

> The second is site key security (ensuring the NSA never gets your private
> keys).


Who theoretically has access to the private keys (and/or the signing key)
right now?

The third is perfect forward security with rapid key rotation.
>

Does rapid key rotation in any way make a MITM attack less detectable?
Presumably the NSA would have no problem getting a fraudulent certificate
signed by DigiCert.
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


rlane32 at gmail

Jul 31, 2013, 9:43 PM

Post #35 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Wed, Jul 31, 2013 at 9:28 PM, Anthony <wikimail [at] inbox> wrote:

> On Wed, Jul 31, 2013 at 5:59 PM, George Herbert <george.herbert [at] gmail
> >wrote:
>
> > The second is site key security (ensuring the NSA never gets your private
> > keys).
>
>
> Who theoretically has access to the private keys (and/or the signing key)
> right now?
>
>
People who have root at Wikimedia, which is Wikimedia's operations team and
a few of the developers.


> The third is perfect forward security with rapid key rotation.
> >
>
> Does rapid key rotation in any way make a MITM attack less detectable?
> Presumably the NSA would have no problem getting a fraudulent certificate
> signed by DigiCert.
>

SSL Observatory would likely pick that up if it was done in any large
scale. It's less detectable when done in a targeted way, but if that's the
case, the person being targeted is already pretty screwed and we wouldn't
likely be the site targeted.

- Ryan
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


jeremy at tuxmachine

Jul 31, 2013, 9:52 PM

Post #36 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Thu, Aug 1, 2013 at 4:28 AM, Anthony <wikimail [at] inbox> wrote:
> On Wed, Jul 31, 2013 at 5:59 PM, George Herbert <george.herbert [at] gmail>wrote:
>> The second is site key security (ensuring the NSA never gets your private
>> keys).
>
> Who theoretically has access to the private keys (and/or the signing key)
> right now?

The roots. https://meta.wikimedia.org/wiki/Sysadmins#List (was out of
date last time I overhauled it, maybe it's being updated more
regularly now)

>> The third is perfect forward security with rapid key rotation.
>
> Does rapid key rotation in any way make a MITM attack less detectable?
> Presumably the NSA would have no problem getting a fraudulent certificate
> signed by DigiCert.

I'm not seeing the relevance. And we have the SSL observatory (EFF) fwiw.

We (society, standards making bodies, etc.) need to do more to reform
the current SSL mafia system. (i.e. it should be easier for a vendor
to remove a CA from a root store and we shouldn't have a situation
where many dozens of orgs all have the ability to sign certs valid for
any domain.)

I'm not sure how much we (Wikimedia) can do about that though.

-Jeremy

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


hashar+wmf at free

Aug 1, 2013, 1:02 AM

Post #37 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
Le 31/07/13 23:59, George Herbert a écrit :
> (ensuring the NSA never gets your private keys)

Which they might already have =)

--
Antoine "hashar" Musso


_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


hashar+wmf at free

Aug 1, 2013, 1:04 AM

Post #38 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
Le 01/08/13 06:52, Jeremy Baron a écrit :
> We (society, standards making bodies, etc.) need to do more to reform
> the current SSL mafia system. (i.e. it should be easier for a vendor
> to remove a CA from a root store and we shouldn't have a situation
> where many dozens of orgs all have the ability to sign certs valid for
> any domain.)
>
> I'm not sure how much we (Wikimedia) can do about that though.

Potentially similar minded foundations could form a new foundation that
would be their SSL authority :-] I am not sure whether it would be cost
effective though.

--
Antoine "hashar" Musso


_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


jeremy at tuxmachine

Aug 1, 2013, 1:18 AM

Post #39 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Thu, Aug 1, 2013 at 9:04 AM, Antoine Musso <hashar+wmf [at] free> wrote:
> Le 01/08/13 06:52, Jeremy Baron a écrit :
>> We (society, standards making bodies, etc.) need to do more to reform
>> the current SSL mafia system. (i.e. it should be easier for a vendor
>> to remove a CA from a root store and we shouldn't have a situation
>> where many dozens of orgs all have the ability to sign certs valid for
>> any domain.)
>>
>> I'm not sure how much we (Wikimedia) can do about that though.
>
> Potentially similar minded foundations could form a new foundation that
> would be their SSL authority :-] I am not sure whether it would be cost
> effective though.

That would take years of lead time (once the CA is all ready) to get
into vendor root stores. And then you have to wait for the products to
actually ship.

I guess we could also get cross-signed for the interim. Anyway, would
need some long-term vision/investment. That wouldn't help anything
until at least the end of next year. But then we still end up with the
same problem: dozens of other orgs (in addition to the new
hypothetical non-profit) can fraudulently sign a cert for wikipedia
and be trusted nearly everywhere.

-Jeremy

_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


wikimail at inbox

Aug 1, 2013, 4:54 AM

Post #40 of 41 (88 views)
Permalink
Re: How's the SSL thing going? [In reply to]
On Thu, Aug 1, 2013 at 12:52 AM, Jeremy Baron <jeremy [at] tuxmachine> wrote:

> On Thu, Aug 1, 2013 at 4:28 AM, Anthony <wikimail [at] inbox> wrote:
> > Does rapid key rotation in any way make a MITM attack less detectable?
> > Presumably the NSA would have no problem getting a fraudulent certificate
> > signed by DigiCert.
>
> I'm not seeing the relevance. And we have the SSL observatory (EFF) fwiw.
>

I fully admit that I don't understand exactly how SSL observatory works. I
thought it detected when the key changes, so I was wondering whether
rapidly rotating keys might thwart that. But again, I don't really
understand how it works. So it wasn't a rhetorical question.


We (society, standards making bodies, etc.) need to do more to reform
> the current SSL mafia system. (i.e. it should be easier for a vendor
> to remove a CA from a root store and we shouldn't have a situation
> where many dozens of orgs all have the ability to sign certs valid for
> any domain.)
>

In order to not be easily detected, the cert used by the MITM would need to
be from the same CA as the usual one (DigiCert?). Or at least from someone
who had obtained DigiCert's key. Or is my cluelessness about how SSL
observatory works showing once again?
_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l


tim at tim-landscheidt

Aug 2, 2013, 9:03 PM

Post #41 of 41 (81 views)
Permalink
Re: How's the SSL thing going? [In reply to]
Antoine Musso <hashar+wmf [at] free> wrote:

>> (ensuring the NSA never gets your private keys)

> Which they might already have =)

Or they might get anytime. If I understand it correctly,
the NSA didn't steal the root passwords for Google, Facebook
and the like, but properly served subpoenas. They could do
(or have done) the same for the WMF, provided that the legal
requirements are fulfilled.

Enabling SSL for *this* use case is like stocking up ammo
for the visit of the tax collector; it doesn't make you tax-
exempt, it just means the collection might be a tad more
complicated.

Emphasis should be put on that the benefits of HTTPS every-
where are primarily against *illegal* snooping.

Tim


_______________________________________________
Wikitech-l mailing list
Wikitech-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

First page Previous page 1 2 Next page Last page  View All Wikipedia wikitech RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.