Hi Joseph, I believe some ideas of this character have been discussed in the W3C WebAppSec WG. http://www.w3.org/2011/webappsec/
Cheers, --Richard On Wednesday, February 13, 2013, Joseph Bonneau wrote: > Hi Stephen, > > Thanks for biting :-) > > >> For example, ISTM that a lot of bad URLs that are de-referenced are >> received in spam that won't contain this, or are in hrefs on pages >> loaded from sites that won't use this, or that attacks are trying >> to trick users into accepting a bogus version of a site that they >> have already visited (e.g. a bank). >> > > Not attempting to deal with spam or phishing. Phishy sites will probably > not use TLS anyways. > > I also agree that there will be tons of insecure links all over the web > and that this is not a complete solution but an incrementally deployable > measure that I claim can protect many connections. The claim is based on > the hunch that a large percentage of *initial* connections to new sites > happen via hyperlinks served by small number of hubs: namely webmail, > search engines, social networks, link shorteners. If you can secure these > initial connections relatively cheaply it's a win. > > >> I hope the answer ins't to the effect that UAs >> need to go through some gatekeeper site before going anywhere else, >> but I expect that'll not be your answer.) >> > > This is exactly the motivation for this proposal: I don't want UAs to go > through any *new* gatekeeper or add a blocking lookup to a trusted > authority to get to the right destination securely. I want to leverage the > fact that the vast majority of users already go through gatekeepers from a > small set before going anywhere else. Perhaps this isn't everybody's ideal > of how the web should work, but since that's the reality I think it's > useful to use these gatekeepers to distribute security information. > Websites are also far more agile as trust anchors than almost anything else > under consideration. Some users know how to change search engines but > virtually zero have any idea what a CA is. > > I grant that s-links on their own won't solve things so I'd encourage the > proposal not to be considered in isolation. S-links are fundamentally > dependent on some other protocol gaining non-trivial deployment (where > non-triivial means that the list of supporting sites can't be hard-coded > into the browser). But thinking ahead, s-links make the deployment story > for HPKP, CT, or lots of other proposals much more believable to me so I > think there's value in developing it alongside them. S-links will always be > useful in an HPKP world, and for CT until 100% deployment (at CAs) is > achieved. > > As for the mailing list-I'll enable the archive when there are substantive > posts to the mailing list. It's only 3 weeks old though and is content-less > so far :-) > > Cheers, > > Joe >
_______________________________________________ therightkey mailing list therightkey@ietf.org https://www.ietf.org/mailman/listinfo/therightkey
