W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: AW: AW: AW: WebSocket API: close and error events

From: Glenn Maynard <glenn@zewt.org>
Date: Tue, 25 Oct 2011 19:37:49 -0400
Message-ID: <CABirCh_mwK9zqGB1gwsb7gSovPV-N9jrY7-fwtpqCCnY9yszvw@mail.gmail.com>
To: Ian Hickson <ian@hixie.ch>
Cc: Tobias Oberstein <tobias.oberstein@tavendo.de>, Simon Pieters <simonp@opera.com>, "public-webapps@w3.org" <public-webapps@w3.org>
On Tue, Oct 25, 2011 at 6:32 PM, Ian Hickson <ian@hixie.ch> wrote:

> Sure, there are specific cases where one is easier than the other. There
> are also specific cases where it's easier to just send malware to the user
> than attempt a passive attack. That doesn't mean that we should just
> protect against malware and pretend that a passive attack is not a
> problem, just like we shouldn't pretend that active attacks are not a
> significant risk and thus should allow self-signed certs.

I didn't say any of these things.

I said encryption without a trusted signature is not useless.  Encryption is
always better than no encryption, whether or not you have a trusted
certificate.  Reducing the safe, undetectable, easily-scalable passive
attacks is a significant win.

(That doesn't mean the behavior in this particular case is wrong.  Adam is
almost certainly right: regular users have enough trouble with top-level
certificates, and the subresource complication on top of that is probably
too much.  But please, stop equating unsigned crypto to cleartext.)

Glenn Maynard
Received on Tuesday, 25 October 2011 23:38:16 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 20 October 2015 13:55:45 UTC