In the three years since IETF said pervasive monitoring is an attack, what's changed?

IETF Security director Stephen Farrell offers a report card on evolving defences

Security and the end-to-end model

Farrell said more encryption is changing the Internet in ways the general public probably doesn't think about – but which they'll appreciate.

The old end-to-end model – the “neutral Internet” – has been under both overt and covert attack for years: carriers want to be more than passive bit-pipes, so they look for ways that traffic management can become a revenue stream; while advertisers want access to traffic in transit so they can capture information and inject advertisements.

Ubiquitous encryption changes both of these models, by re-empowering the endpoints. Along the way, perhaps surprisingly, Farrell sees this as something that can make innovation on the Internet more democratic.

He cited HTTP2 and QUIC as important non-IETF examples: “there's a whole bunch of people motivated to use TLS almost ubiquitously, not only because they care about privacy, but because of performance: it moves the point of control back towards the endpoint, not the middle of the network.

“One of the interesting and fun things of trying to improve the security properties and privacy properties of the network is that it changes who controls what.

“If you encrypt a session, nobody in the middle can do something like inject advertising.

“It reasserts the end-to-end argument in a pretty strong way. If you do the crypto right, then the middlebox can't jump in and modify things – at least not without being detectable.”

He argues that carriers' and network operators' “middleboxes” became an innovation roadblock.

“The real downside of having middleboxes doing things is that they kind of freeze what you're doing, and prevent you innovating.

“One of the reasons people did HTTP2 implementations that only ever talk ciphertext is that they found a lot of middleboxes would break the connection if they saw anything that wasn't HTTP 1.1.

“In other words, the cleartext had the effect that the middleboxes, that were frozen in time, would prevent the edges from innovating. Once they encrypted the HTTP2 traffic, the middleboxes were willing to say 'it's TLS so I won't go near it', and the innovation can kick off again at the edges.”

Won't somebody think of the sysadmin?

Systems administrators – in enterprises as well as in carriers – are less in love with crypto.

“Network management people have been used to managing cleartext networks,” he said.

For more than 20 years, for perfectly legitimate reasons – and without betraying their users – sysadmins would look into packets, see what they contained, and when sensible do something about them.

“Not for nefarious reasons – in order to detect attacks, in order to optimise traffic, and so on. We're changing that, and that also means the technology they're using will be undergoing change, to deal with much more ciphertext than plaintext.

“We need to learn better ways of how to fulfil those same functions on the network,” he said.

“If you had some security mechanism in your network for detecting some malware attack traffic, instead of being able to operate that from the middle of the network, it pushes a requirement on you to move that to the edge.”

Commercial services are starting to understand how this can work, he said: “If you look at some of the commercial instant messaging providers, that have introduced end-to-end encryption of their messaging – they have found they can move those functions in their networks to new places to do what they need to do.

“It means change, but it doesn't make network management impossible.”
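Two of Farrell's points above lend themselves to a concrete illustration: a middlebox cannot alter an encrypted session without the endpoint noticing, and a function such as malware-signature matching therefore has to move from the middle of the network to the edge. The following Python sketch is an added editorial example, not code from Farrell, the IETF or this article. It stands in for TLS with a toy encrypt-then-MAC construction built from the standard library (SHA-256 keystream plus HMAC-SHA256 tag), and the page body, ad banner and signature list are constructed sample values.

```python
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

# Toy authenticated encryption from the standard library only (a stand-in for TLS):
# keystream = SHA-256 in counter mode keyed by (key, nonce); integrity = HMAC-SHA256
# over nonce || ciphertext (encrypt-then-MAC). Illustrative only, not for production.
NONCE_LEN, TAG_LEN = 12, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Endpoint side: encrypt and authenticate one message."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> Optional[bytes]:
    """Endpoint side: verify the tag first; any in-transit change returns None."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # tampering detected: the endpoint refuses the message
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


AD_BANNER = b"<div class='ad'>constructed sample banner</div>"  # constructed value
MALWARE_SIGNATURES = [b"EICAR-TEST"]  # constructed signature list, not a real feed


def injecting_middlebox(wire: bytes) -> bytes:
    """A middlebox that appends a banner to whatever passes through it."""
    return wire + AD_BANNER


def cleartext_delivery(page: bytes) -> Tuple[bytes, bool]:
    """Returns (what the client receives, whether it could detect the change).
    Without integrity protection the rewritten page is accepted silently."""
    return injecting_middlebox(page), False


def encrypted_delivery(key: bytes, page: bytes) -> Tuple[Optional[bytes], bool]:
    """Same middlebox on an encrypted session: the client gets nothing usable,
    but it knows the message was modified in transit."""
    received = unseal(key, injecting_middlebox(seal(key, page)))
    return received, received is None


def middlebox_inspect(wire: bytes) -> List[str]:
    """Signature matching from the middle of the network: it only sees ciphertext."""
    return [s.decode() for s in MALWARE_SIGNATURES if s in wire]


def endpoint_inspect(key: bytes, wire: bytes) -> List[str]:
    """The same check moved to the edge, run after decryption."""
    plaintext = unseal(key, wire)
    if plaintext is None:
        return ["integrity failure"]
    return [s.decode() for s in MALWARE_SIGNATURES if s in plaintext]


if __name__ == "__main__":
    key = os.urandom(32)
    page = b"<html><body>hello</body></html>"
    print("cleartext delivery:", cleartext_delivery(page))
    print("encrypted delivery:", encrypted_delivery(key, page))
    wire = seal(key, b"please run EICAR-TEST now")
    print("middle sees:", middlebox_inspect(wire), "| edge sees:", endpoint_inspect(key, wire))
```

The cleartext path returns the page with the banner appended and no way for the client to know; the encrypted path returns `None` with the tamper flag set, which is the "detectable" property Farrell describes. The two inspection functions show the operational consequence: the signature match yields nothing against ciphertext in the middle and only works once the check runs on the endpoint after decryption.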
