On 6/1/18 10:04 AM, Ryan Sleevi via dev-security-policy wrote:
> On Fri, Jun 1, 2018 at 9:14 AM, Peter Kurrasch via dev-security-policy <
> dev-security-policy@lists.mozilla.org> wrote:
> 
>> Security can be viewed as a series of AND's that must be satisfied in
>> order to conclude "you are probably secure". For example, when you browse
>> to an important website, make sure that "https" is used AND that the domain
>> name looks right AND that a "lock icon" appears in the UI AND, if the site
>> uses EV certs, that the name of the organization seems correct. Failing any
>> of those, stop immediately; if all of them hold true, you are probably fine.
>>
> 
> Note that research has shown that your first, second, third, and fourth
> options are all unreasonable requests of humans trying to be productive.
> 
> That is, https is unnecessarily confusing, "the domain looks right" is an
> unreasonable task (might as well say "Make sure the fabardle is boijoing"
> when presenting domains), and the lock icon's positive indicator is unnecessarily
> hostile. And that's before we get to EV certs (are you saying I shouldn't
> do business with KLM?)
> 
> So basically, all four steps are unreasonable to determine you're fine :)

Yes, it's a shame that we technologists have abjectly failed at
producing usable security.

However, given the mess we've made of things, we can at least do our
best to protect users with the weak and faulty mechanisms we've
created (and work to create better ones). What policies are appropriate
for organizational names in certificates?

Peter

