The messy, musical process behind the web’s new security standard

TechCrunch | 6/11/2018 | Devin Coldewey
MonkeyBubble (Posted by) Level 3
Click For Photo: https://techcrunch.com/wp-content/uploads/2018/03/gettyimages-845790860.jpg?w=600


Click For Photo: https://techcrunch.com/wp-content/uploads/2018/03/gettyimages-845790860.jpg

The web is a big place, and changing the way it works isn’t a simple process. But it has to happen somehow or we’d all still be using Mosaic and transmitting our private data in cleartext. A new security standard called TLS 1.3 is the latest big change to how our browsers communicate, but the process by which it was created is a little weirder and less structured than you might think.

“Anyone can participate from anywhere. There’s no cost — you can just send your stuff in,” said Sean Turner of the Internet Engineers Task Force, an official sort of collective that evaluates new standards for the web and decrees them best practices.

Turner - Joe - Salowey - Standard - Co-chairs

Turner and Joe Salowey, whom I spoke with after the standard was approved, are co-chairs of the Working Group that put together TLS 1.3 that upends years of security practices — all for the better, they hope.

Far from being a smoke-filled room where elites and captains of industry dictate the protocols and algorithms that will define the next generation of online products and services, the IETF and bodies like it are throwbacks to the early days of the internet: lots of giant open email threads, hard tech talk, and almost certainly a lot of subtle shade thrown at each other’s Linux distributions.

Something - System - Developer - Suggestions - Committee

But it’s still something of a closed system: how does the average developer get their suggestions considered by the committee considering a given proposal or piece of code? In the past pretty much everything was done by mailing lists. It worked well enough, but for TLS 1.3 the team decided to shake things up and move the process into a semblance of modernity.

“This time we did things a little different,” Sean said. “We actually put the document on GitHub and let anyone comment. And then we were...
(Excerpt) Read more at: TechCrunch
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!