The biggest difference is that HTTP/3 (and to a lesser extent, 2) are designed and implemented entirely and exclusively for for-profit business use cases, to the detriment of all other use cases and specifically longevity. Since there are no HTTP/3 implementations that allow the use of non-CA TLS or even just plain text, that means in order to host a visitable website for major browsers you have to get continued re-approval from a third-party corporation every ~3 months. This means that websites using HTTP/3 will have very short unmaintained lifetimes. HTTP/3 sites will not last many years. They'll simply become unvisitable in a fraction of a year if there's ever any problem in the huge chain of complexity that is acme2 (and when acme2 is deprecated and turned off a huge portion of the web will die, much more than died when acme1 was turned off on LE).
There is one feasible change that can be made now: Firefox needs to change the flags in its HTTP/3 library build so that self-signed certs are allowed.
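Two of the mechanics argued about above (a self-signed certificate being rejected unless a client explicitly trusts it, and a ~90-day certificate silently expiring if renewal breaks) can be exercised locally. The following is an added example written for this thread, not code from any commenter or from Firefox; it uses only the Go standard library, the hostname `example.test` and the 30-day renewal threshold are constructed values, and the certificate it generates is throwaway key material, not any real site's.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// newSelfSigned creates a self-signed server certificate for host, valid for
// validFor starting at notBefore. Constructed, throwaway key material.
func newSelfSigned(host string, notBefore time.Time, validFor time.Duration) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: host},
		DNSNames:              []string{host},
		NotBefore:             notBefore,
		NotAfter:              notBefore.Add(validFor),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
	}
	// Signing the template with its own key is what makes it self-signed.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// verifyAgainst performs the same chain, hostname and validity-period checks a
// client does, but against the given root pool instead of the system roots.
// An empty pool models a browser that trusts no one; a pool containing the
// certificate itself models a user who pinned ("accepted") it explicitly.
func verifyAgainst(cert *x509.Certificate, host string, roots *x509.CertPool, now time.Time) error {
	_, err := cert.Verify(x509.VerifyOptions{DNSName: host, Roots: roots, CurrentTime: now})
	return err
}

// isUnknownAuthority reports whether err is the "no trusted issuer" failure,
// i.e. the error class a browser shows for an unpinned self-signed cert.
func isUnknownAuthority(err error) bool {
	var uae x509.UnknownAuthorityError
	return errors.As(err, &uae)
}

// daysUntilExpiry returns the whole days left before NotAfter, relative to now.
func daysUntilExpiry(cert *x509.Certificate, now time.Time) int {
	return int(cert.NotAfter.Sub(now).Hours() / 24)
}

// needsRenewal reports whether the cert is within warnDays of expiry. ACME
// clients commonly renew a 90-day cert about 30 days early; an operator who
// monitors this value notices a broken renewal before the site goes dark.
func needsRenewal(cert *x509.Certificate, now time.Time, warnDays int) bool {
	return daysUntilExpiry(cert, now) <= warnDays
}

func main() {
	start := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC) // constructed issue date
	cert, err := newSelfSigned("example.test", start, 90*24*time.Hour)
	if err != nil {
		panic(err)
	}
	day1 := start.Add(24 * time.Hour)

	// Untrusted: no root pool contains the cert, so verification fails.
	err = verifyAgainst(cert, "example.test", x509.NewCertPool(), day1)
	fmt.Println("empty trust store -> unknown authority:", isUnknownAuthority(err))

	// Explicitly pinned: the same cert verifies once the client trusts it.
	pinned := x509.NewCertPool()
	pinned.AddCert(cert)
	fmt.Println("pinned -> error:", verifyAgainst(cert, "example.test", pinned, day1))

	// Renewal window: fine on day 1, overdue on day 61, dead on day 91.
	fmt.Println("day 1 needs renewal:", needsRenewal(cert, day1, 30))
	fmt.Println("day 61 needs renewal:", needsRenewal(cert, start.Add(61*24*time.Hour), 30))
	fmt.Println("day 91 -> error:", verifyAgainst(cert, "example.test", pinned, start.Add(91*24*time.Hour)))
}
```

Pinning the certificate into a pool is exactly the "accept this cert anyway" decision a browser warning page offers; the point the expiry check makes is that even a pinned certificate stops verifying the moment NotAfter passes, which is why an unattended site on short-lived certificates needs renewal monitoring rather than just a working issuer.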
Nope. It should be possible to set up infrastructure to serve web content without being beholden to a certificate authority. By all means there can be a bunch of warnings whenever anyone tries to access it but it should still be possible.
But you can: you can do whatever horrors you want, privately. You want your own browser with specific compiled options? Then do it and deploy it on your private perimeter.
However, if you want to expose something publicly, then your own ideas matter less than the interests of your clients (at least, this is how I see things): so exposing to the internet something without TLS or with self-signed / private CA certificates is something that should be denied (those three propositions are the same, if you think about it).
These kinds of security mindsets exist because browsers have been made extremely insecure these days by encouraging and even setting the default behavior to automatically execute random programs downloaded from random places while at the same time exposing bare metal functionality for speed.
This incredibly insecure business use case has made it so using a browser for merely surfing the web is dangerous and that's why CA TLS is required. But if you just turn JS off... it's fine.
There is so much more to the web than just business web applications selling things or institutional/government websites with private information. There are human people on the web and their use cases matter too. HTTP/3 disregards them. It's fine for now but when Chrome removes HTTP/1.1 for "security reasons" it's not going to be fine.
These kinds of security mindsets exist because, as a network architect, I know at least a couple of ways to put myself between you and your destination, and from there to read and/or rewrite your unencrypted data. Of course, if I manage any network between you and your destination, things get a lot easier.
I do not want my coworkers to do that on any of my communications, nor my family, nor anybody.
The only known way to prevent this is encryption.
And no, it has nothing to do with browsers: the same applies to my emails, ssh, IRC and whatever.
Yes. And there's almost zero risk from such MITM attacks (ARP poisoning? DNS poisoning? etc.) when you turn off JavaScript and don't blindly execute all programs sent to you as an end user.
The problem with MITM attacks is when you execute programs or exchange money or other private information. The risk when viewing public documents that don't require execution is minimal. That's my point. One use case, "web app stores", ruins everything for everyone by requiring the mindset you advocate for as browser defaults. But the entire justification goes away if the end user just turns off JS auto-execute. It's not intrinsic to all use cases for the web or even most.
EDIT: Mentioning Wikipedia is missing the point. Of course there are cases where CA TLS should be used. I am not denying that. I am saying there are many cases where CA TLS makes things fragile and short-lived and it is not needed: like personal websites run by a human person. And these use cases are not invalidated by the existence of yet another corporate person (Wikimedia).
> The risks when viewing public documents that don't require execution is minimal.
If you’re living in a well developed country with strong privacy laws, you might have a point. But most of the people in the world don’t, and in many places simply looking at LGBT communities can land you in jail.
Then there are places like the U.S. with multiple states currently doing their level best to criminalise so much as thinking about an abortion. I don’t see why those states would be above scanning people’s clear-text browsing habits for any signs of a possible abortion, and using it as evidence of an illegal abortion having been committed or about to be committed. They’ve certainly jailed women for less (even while pregnant).
Just because you’re among a group of people that is lucky enough to have no worries about being oppressed, or discriminated against, doesn’t mean everyone has that luxury. Encryption is good for everyone. I don’t want anyone being able to easily know what I do online, because I have no idea who those people are, or what their motives might be, and quite frankly I don’t care. I just don’t want them rummaging around in my life looking for opportunities to exploit me or others.
Let's talk again the first time a US state-based CA revokes a cert under pressure for an abortion clinic site being against some state's law. Then you'll really want that HTTP/1.1 back. If we go CA TLS only it just means there's a single point of failure/censorship. HTTP+HTTPS is robust against censorship in a way centralized CA-only HTTPS can never be.
So we’re just going to ignore the fact that most websites these days are co-located on shared IP addresses, and there are perfectly good ways of encrypting the TLS SNI header?