Why Decrypt HTTPS?

From Opendium Documentation
Jump to navigation Jump to search

The vast majority of web traffic is now encrypted, and by installing a certificate onto client devices, Opendium systems are able to decrypt and inspect that traffic. In the wider IT community, whether or not traffic should be subject to decryption is a contentious issue, with serious ramifications for privacy, detection of crime and democracy. We believe that it is important to make a distinction between adults, who society expects to be responsible for themselves, being subjected to mandatory surveillance (e.g. by governments or corporations), versus parents and schools being able to protect the children for whom they are responsible.

The statutory guidance provided to UK schools offers a huge amount of freedom, with schools being expected to use a "risk based approach" to how they filter and monitor internet usage. This freedom would seem to give schools the opportunity to decide for themselves whether to decrypt, so long as they could carry out a risk assessment which justifies that approach. However, the same statutory guidance also signposts to the UK Safer Internet Centre's Appropriate Filtering for Education Settings guidance, which includes a number of well founded requirements that cannot be fulfilled without decrypting traffic.

We think it is unlikely that a school could construct a reasonable risk assessment which rejects the UK Safer Internet Centre's guidance and decryption requirements whilst keeping the level of risk acceptable.

In particular, the UK Safer Internet Centre's guidance includes the following points, which require HTTPS decryption:

  • Block access to illegal Child Sexual Abuse Material (CSAM) - Up to 92% of this content cannot be blocked without decrypting traffic.
  • Integrate the ‘the police assessed list of unlawful terrorist content, produced on behalf of the Home Office’ - 79% of content on this list requires decryption.
  • Providers should be clear how their system does not over block access so it does not lead to unreasonable restrictions - One way to avoid overblocking is to only block the unsafe parts of a website, whilst continuing to allow access to safe parts. If the traffic is not decrypted, it is only possible to block/allow the entire website.
  • Circumvention – the extent and ability to identify and manage technologies and techniques used to circumvent the system, for example VPN, proxy services and DNS over HTTPS - Whilst no system can block all methods of circumvention, there are some VPN technologies that cannot be detected or blocked without decryption.
  • Contextual Content Filters – in addition to URL or IP based filtering, the extent to which (http and https) content is analysed as it is streamed to the user and blocked. For example, being able to contextually analyse text on a page and dynamically filter - Contextual analysis of content is only possible if the system can see the content. Encrypted content which is not being decrypted cannot be analysed.
  • Reports – the system offers clear historical information on the websites visited by your users - Whilst reporting doesn't strictly require decryption, the reports will be of extremely limited utility if the traffic is not being decrypted.