On 05/28/2018 10:23 AM, Mike Hammett wrote:
Has anyone outside of tech media, Silicon Valley or academia (all places wildly
out of touch with the real world) put much thought into the impacts of
encryption everywhere?
See "Effects of Pervasive Encryption on Operators."
https://datatracker.ietf.org/doc/draft-mm-wg-effect-encrypt/?include_text=1
TLS1.3 uses ephemeral keys, so even if you own both endpoints and
everything in the middle, you can't decrypt a flow without some
yet-to-be-developed technology.
QUIC encrypts everything, and of course, HTTPS.
So often we hear about how we need the best modern encryption on all forms of
communication because of whatever scary thing is trendy this week (Russia, NSA,
Google, whatever). HTTPS your marketing information and generic education
pieces because of the boogeyman!
However, I recently came across a thread where someone was exploring getting a
one megabit connection into their village and sharing it among many. The crowd
I referenced earlier also believes you can't Internet under 100 megabit/s per
home.
Yeah. Too many people forget that most of the Internet is mobile, and
mobile != LTE. People also assume packet loss < 0.1%, latency <100ms,
and power reliability >99%.
However, this could be wildly improved with caching ala squid or something
similar. The problem is that encrypted content is difficult to impossible for
your average Joe to cache. The rewards for implementing caching are greatly
mitigated and people like this must suffer a worse Internet experience because
of some ideological high horse in a far-off land.
Some things certainly do need to be encrypted, but encrypting everything means
people with limited Internet access get worse performance OR mechanisms have to
be out in place to break ALL encryption, this compromising security and privacy
when it's really needed.
To circle back to being somewhat on-topic, what mechanisms are available to
maximize the amount of traffic someone in this situation could cache? The
performance of third-world Internet depends on you.
A proxy is all I've thought of. But it means everything is dependent on
the proxy, and it's even in-path for things that really should be
encrypted, like email and messaging.
I can't imagine why the weather should be encrypted, when everyone in a
location wants to know the forecast.
Lee
