Web Creator: Web Was Built for Simplicity, Not Security

By

World Wide Web creator suspects the web would’t have caught on if he’d made it too complicated.

In his keynote address at the IPExpo Europe conference, World Wide Web creator Tim Berners-Lee defended his decision to keep the web simple and not build in additional security features. According to a report in the Register, Berners-Lee said he wanted to make the World Wide Web easy for developers to use and program for; otherwise, “The Web might not have taken off if it had been too difficult.”
The World Wide Web began as an effort to merge hypertext technology with DNS-based Internet networking. Security depended on the underlying security of the network – much as it still does to this day. The whole notion of a protocol stack is that upper layers rely on services provided by the layers below, and when Berners-Lee built the first web server and client, he had no way of imagining the web would one day need anything more. The Reg (and other commentators) have noted that Berners-Lee’s comments are in contrast to Internet co-founder Vincent Cerf, who has stated that he wishes that security had received more attention during the development of the underlying TCP/IP protocol system.
Berners-Lee did say he supports always-on HTTPS cryptography for web connections, and he said he strongly supports the need for more privacy on the web, stating “The idea that privacy is dead is hopelessly sad.”

10/13/2014

Related content

  • SPDY HTTP Protocol

    More than 20 years have passed since its introduction, and HTTP certainly shows some signs of age. Google’s new SPDY protocol solves some problems with HTTP without breaking existing websites.

  • HTTP/1.1 versus HTTP/2 and HTTP/3
    HTTP/2 introduced multiplexing, resulting in superior bandwidth utilization over HTTP/1.1, and HTTP/3 solves the problem of transmission delays from packet loss by replacing TCP with QUIC.
  • Developing RESTful APIs
    The popularity of REST APIs has increased of late, not only on industry sites, but also in the framework of smaller projects. We explain why this is so and illustrate the fairly abstract architectural approach with a concrete example.
  • Multifactor authentication from FIDO
    The FIDO Alliance is working to build open solutions for the future of authentication.
  • Port Knocking
    To ensure that the data on your computers remains accessible only by you and those with whom you want to share, we look at the advantages of combining TCP Wrappers and port knocking.
comments powered by Disqus