[entropyie]

That legacy baggage is the only thing that allows older hardware to connect to the modern network. It's the only thing that allows folks the agency and autonomy to setup their own services and share them with folks locally, without requiring the blessing and grace of a distant 3rd party authority.

I've spent 20 years working with advanced PKI and cryptography in many different domains and form factors, and what I've learned is that even with the best of intentions, they are all fragile and their default state is broken, without constant maintenance.

Availability and resilience to failure are key pillars to security that are often overlooked.

In the past 20 years, all of the critical failures in PKI systems that I have seen were due to expiring certs, expiring CRLs, failure to distribute new PKI in time, accidental deletion of key PKI, missing intermediate certs. None were due to MITM, weak crypto, spoofed packets, use of plain HTTP. Make of that anecdote what you will.

[lucideer]

> In the past 20 years, all of the critical failures in PKI systems that I have seen [...] None were due to [...] use of plain HTTP.

Not sure how a PKI failure specifically can be due to use of plain HTTP, but I assure you there's been plenty of other very real security failures over the past 20 years due to use of HTTP.

> That legacy baggage is the only thing that allows older hardware to connect to the modern network.

This sounds like legacy baggage, yes. The term "legacy" is not a value judgement. It doesn't mean "bad", it just means "old".

[jen20]

> without requiring the blessing and grace of a distant 3rd party authority.

Nothing stops you installing a private CA into the trusted roots for this kind of case.

[entropyie]

Here is a thought experiment for you: Right now, I have a 45 year old rotary telephone working fine in my living room, hooked up to VOIP with an adaptor.

In 40 years time, how will anyone be able to make use of my "antique Internet Radio / Amazon Alexa"?

Virtually zero appliances / embedded systems sold today allow you to configure the CA bundle. Even Android is locking this down bit by bit as they don't want anyone peeking at all the surveillance traffic their Apps are sending to the internet.

[jeroenhd]

Your 45 year old rotary telephone could also have encrypted the numbers you're dialing. Buying user-hostile devices is what leads to user-hostile behaviour.

Apps needing to opt into CA certificates are an annoyance for sure but in 45 years the API those apps are talking to won't be running anyway. You'll still be able to buy WiFi adaptors for whatever tech we'll use by then to physically hook up your current devices, but the network itself won't work unless you set up a server for yourself.

Your converter box is similarly difficult, an old "speaker hooked up to a wire" protocol has been converted into a fully fledged Internet appliance. The POTS services that the phone wants to connect to are no longer there, you need to spoof them; the same will be true for the smart crapware we buy today.

[lucideer]

> Here is a thought experiment for you: Right now, I have a 45 year old rotary telephone working fine in my living room, hooked up to VOIP with an adaptor.

The adaptor in your analogy sounds like it could be analogised by a local transparent proxy.

A more apt formulation of the analogy would be phone companies persisting DTMF to avoid the need for adapters.

----

<off-topic> What adapter do you use? I also have a rotary phone & have been struggling to find a good one...

[entropyie]

A local proxy in this analogy would have to be able to MITM the traffic... which is unlikely to work with an Alexa. I'd like to see the EU mandate customer configurable CA bundles, but I won't hold my breath! --- https://www.dialgizmo.com/ A bit finicky, but does what is says on the tin ;-)

[lucideer]

If the definition of "older hardware" is closed saas-supported media products then I guess this is a different discussion than I thought. I'd be surprised if the SaaS support lifespan of things like Alexa would even be long enough for the hardware to be in any way usable after reaching an age considered "old" but... if it does, then I'd suggest the sibling commenter's point about selection criteria fits here.

> * I'd like to see the EU mandate customer configurable CA bundles*

Agree but I'd go broader - right to flash or some kind of general firmware/os/softwate openness mandate would be nice to see.

[jen20]

Make that part of your purchase criteria if it matters to you.

[AnIdiotOnTheNet]

> Availability and resilience to failure are key pillars to security that are often overlooked.

In my experience, it cannot be overstated how true this statement is.