Transport-level encryption with Tcpcrypt
Transport-level encryption with Tcpcrypt
Posted Aug 26, 2010 14:50 UTC (Thu) by djao (guest, #4263)In reply to: Transport-level encryption with Tcpcrypt by foom
Parent article: Transport-level encryption with Tcpcrypt
You make a valid point. However, this problem can be easily, almost trivially fixed. The browser can (and should) be programmed to give a huge scary warning if a web site which previously offered authentication in the past has changed so that it no longer offers authentication.
Posted Aug 26, 2010 16:42 UTC (Thu)
by gmaxwell (guest, #30048)
[Link]
The authentication-state caching thing you suggest is one possible solution, but it's somewhat fragile and still leaves a window of exposure. See https://secure.wikimedia.org/wikipedia/en/wiki/Strict_Tra... for more information on the initiatives in this area.
Posted Aug 26, 2010 18:22 UTC (Thu)
by Simetrical (guest, #53439)
[Link]
This is basically exactly what STS (formerly known as ForceTLS) does. For added effectiveness, browsers will likely precache STS headers for many major sites. Once this is done, there will be no reason to present scary warnings anymore for self-signed certs. Firefox has just implemented this: it's RESOLVED FIXED as of two days ago, so I guess it will be in the next Firefox 4 beta.
I still agree that the current behavior is way over the top. As this paper observes, a certificate error these days is a guarantee that the site is not malicious, since only a complete idiot of an attacker would try pulling off an attack via a page that raised a giant error . . .
Transport-level encryption with Tcpcrypt
Transport-level encryption with Tcpcrypt