W3C home > Mailing lists > Public > public-wsc-wg@w3.org > July 2007

Re: ACTION-240 :TLS errors...

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Sat, 07 Jul 2007 16:08:54 +0100
Message-ID: <468FAC86.6010605@cs.tcd.ie>
To: michael.mccormick@wellsfargo.com
CC: tlr@w3.org, public-wsc-wg@w3.org


I think the proper handling of self-signed certs (SSC) does
warrant thought. There's clearly a tension between wanting to
hide silly PKI details vs. wanting to allow peope to setup
their own PK-based security (i.e. more PK than PKI).

michael.mccormick@wellsfargo.com wrote:

> Here's an imaginary example of how (IMO) a browser maker might
> reasonable apply them to a self-signed server SSL cert:

So this is the case where this is the 1st time the SSC has
been seen by the client? If not, then following previous
behaviour (maybe with a cleverer way to rollback decisions
as mentioned in Dublin) is probably correct.

>  - On main window display "Security connection error".
>  - Allow the page to load.

Hmm... Users will ignore all the SCI then most likely. Be
good to get some testing done on this case sometime if we
do go this route.

>  - Adjust graphical SCIs (padlock, color bar, speedometer, etc.)
> appropriately.
>  - If user clicks on the main error message or SCI, pop a dialog box
> with tabs for "Cause" and "Risk".
>  - If user click the Risk tab, s/he sees an explanation of the risks of
> browsing a site with self-signed SSL.
>  - If user click the Cause tab, s/he sees technical details about the
> server cert and what's suspicious about it.

Essentially, when the user somehow accepts the SSC, they're doing
the equivalent of adding a new trust anchor to their local store,
even if the SSC is only going to be trusted for that DNS name.
(Cue advertisment for the upcoming TAM BoF at the Chicago IETF - I'd
still like input from WSC there - maybe Thomas wants a quick slot
on the TAM agenda? :-)

So in future there may be a TAM protocol that could be run to handle
the SSC. When that's available, then it'd be reasonable to have a
proposal to only show the error message for the SSC (same as if the
PKI-rooted server cert was expired), but to allow the user to get
into runnng the TAM protocol in some controlled way.

But in the meantime, I'm not really sure what to do. If someone
were to setup a free zero/low-assurance CA with its root in all
browsers that'd be good, but I guess since it hasn't happened
itself, it probably won't.

Other than that, I don't know - allowing an SSC to be trivially
accepted does undermine lots of the benefits of TLS, but is clearly
needed for the short/medium term.

(Mez - Can we put this on an agenda sometime or was it discussed
at one of the meetings I missed?)

Stephen.
Received on Saturday, 7 July 2007 15:07:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:48 GMT