W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [XHR] chunked requests

From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 9 Dec 2011 10:54:31 -0800
Message-ID: <CABcZeBMtYmXzv=ZmmZ56qYF5Fexmr6ZhJYtnuTCYaVJx3h8Bhw@mail.gmail.com>
To: Adam Barth <w3c@adambarth.com>
Cc: Anne van Kesteren <annevk@opera.com>, Jonas Sicking <jonas@sicking.cc>, Wenbo Zhu <wenboz@google.com>, public-webapps@w3.org, Ian Hickson <ian@hixie.ch>
On Fri, Dec 9, 2011 at 10:37 AM, Adam Barth <w3c@adambarth.com> wrote:
> On Fri, Dec 9, 2011 at 7:59 AM, Anne van Kesteren <annevk@opera.com> wrote:
>> On Fri, 09 Dec 2011 16:33:08 +0100, Eric Rescorla <ekr@rtfm.com> wrote:
>>> Same-origin requests should be OK because the JS would have access
>>> to the relevant sensitive data in any case.
>>
>> Okay, I guess we can make that difference.
>
> Correct me if I'm wrong, but I believe these issues are fixed in TLS
> 1.1.  Most user agents implement TLS 1.1 anyway, so this seems mostly
> like a requirement to put in the security considerations section.

Would that it were this easy.

Unfortunately, many servers do not support TLS 1.1, and to make matters
worse, they do so in a way that is not securely verifiable. By which I mean
that an active attacker can force a client/server pair both of which support
TLS 1.1 down to TLS 1.0. This may be detectable in some way, but not
by TLS's built-in mechanisms. And since the threat model here is an active
attacker, this is a problem.

-Ekr
Received on Friday, 9 December 2011 18:55:48 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:49 GMT