This needs to be highlighted more often. TLS interception can be a very effective tool to expose insecure APIs and blatant privacy violations. It's ultimately a tradeoff between security (no bad interception) and privacy (no idea what my device is sending).
TLS doesn't prevent you from intercepting your end of the connection on a device you control. If you don't control your own device then the problem is with your device, not TLS. We shouldn't weaken TLS just because you chose to hand control of your device to someone else.
Well I agree. My main concern is that we're loosing that control in the name of security, in particular on mobile devices. Take Android as an example, which doesn't respect user-added CAs anymore for application traffic [1]. It's even worse with cert-pinned iOS apps where you cannot root easily, although Apple is at least trying to fix this with App Transport Security (which does respect user-added CAs).
I definitely do not want to see a weaker TLS - 1.3 is great. At the same time, I do not want to have 'security improvements' that make it impossible for average developers to see their own device's traffic. That will ultimately enable insecure APIs and gross privacy violations behind TLS.
> My main concern is that we're loosing [sic] that control in the name of security
If you've lost that control you have nobody to blame but yourself. There are devices and operating systems on the market that do not require you to give up that control. If you choose to buy a device you can't root and an OS you can't modify, that's all on you.
> ...and privacy (no idea what my device is sending).
This is where Libre/Open Source software comes in and why it plays a vital role in creating an ethical connection between people and softwares. There is literally no other way around this. Open code, secure transmission, harsh accountability on violations.
Open source is great, but using source code is an awful way to figure out what something is transmitting, compared to actually looking at what it transmits.
Lets be pragmatic here though - it's not reasonable to expect all software to be open source, nor is it reasonable to expect that only people who run a fully FOSS stack be able to inspect network traffic on their computer.
By definition the insistence that it should be possible to do something that's actually impossible is not pragmatism.
If you don't actually control the box, it can do whatever it pleases. It doesn't need an IETF Standards Track RFC, it can just choose to do it and you can't stop it.
I agree, I'm continually saddened by the zealotry of the anti-surveillance lobby and the seeming dismissal of the privacy focused hacker who wants to know when exactly does Uber send data, and what exactly do they send.
Especially when it goes as far as encoding the philosophy that state actors are the only problem that matters into the very protocol.
