Re: Proposal: tougher CA standards in "private browsing" mode.

Thu, 04 Apr 2013 02:33:39 -0700

I think a big issue that is going on here is that the classic security UI (aka secure browsing aka SSL) has been dumbed down so much that any fiddling around with it causes all sorts of questions to loom large.
Initially I thought that the idea was really good. The private browsing mode is a good signal of desired greater security. And the MITM possibility is a classic security threat. 


But the more I thought about it, the more I felt uncomfortable tying the 
two together.  Private browsing is more about anonymity in ones local 
community, not the end point.  If one is concerned about MITMs or 
eavesdropping, then one is more likely to use Tor.  When I think about 
the uses and people doing this, cleaning the person's browser history 
and traces comes to mind -- which directly clashes with SSL which sticks 
a great big red thumb out there *and* reveals the target domain.



Whereas secure browsing is more about knowing that one is connected to 
ones exact endpoint, and nobody can interfere with that.  In today's 
threat scenario, the only thing you care about is that you are connected 
to your online bank, and nobody can interfere with that.



These are two different statements.  In one, I don't care what anyone 
can see or do, as long as nobody knows it's me.  Privacy.  In the other, 
I don't care who knows what I'm doing, as long as they cannot interfere.


Obviously it is nice to have both, but that's much harder, that's dreamland.


iang


On 4/04/13 11:53 AM, Gervase Markham wrote:

On 02/04/13 12:20, Florian Weimer wrote:

In a corporate setting, intercepting proxies are fairly common, and
displaying a warning would be annoying to users.  (Didn't some browser
vendor already try that?)


It depends what UI you use. For example, if we had a red padlock... ;-)

Seriously, that seems to be saying "users don't want to be bothered with
the fact that their connection to their bank is being MITMed". I'm
really not sure that's true. They may know in theory that network ops
has this ability, but that's easy to forget; much better, when they have
a lapse of memory and visit hsbc.com on their work computer, to have
some sort of alert.

Gerv

_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security



_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security























					Reply via email to