W3C home > Mailing lists > Public > public-wsc-wg@w3.org > July 2007

Re: ACTION-240 :TLS errors...

From: Thomas Roessler <tlr@w3.org>
Date: Sat, 7 Jul 2007 17:21:24 +0200
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: michael.mccormick@wellsfargo.com, public-wsc-wg@w3.org
Message-ID: <20070707152124.GU6561@raktajino.does-not-exist.org>

On 2007-07-07 16:08:54 +0100, Stephen Farrell wrote:

> Essentially, when the user somehow accepts the SSC, they're doing
> the equivalent of adding a new trust anchor to their local store,
> even if the SSC is only going to be trusted for that DNS name.
> (Cue advertisment for the upcoming TAM BoF at the Chicago IETF -
> I'd still like input from WSC there - maybe Thomas wants a quick
> slot on the TAM agenda? :-)

As I said, as long as you don't conflict with the HTTP BOF, the apps
area meeting, or the security area meeting, I'm happy to come.  Tell
me a bit more about the scope again?

> So in future there may be a TAM protocol that could be run to
> handle the SSC. When that's available, then it'd be reasonable to
> have a proposal to only show the error message for the SSC (same
> as if the PKI-rooted server cert was expired), but to allow the
> user to get into runnng the TAM protocol in some controlled way.

I'm confused.  The one thing that can be done automatically is
recognize that you hit the same self-signed certificate *again*, and
infer that that's probably a good sign.  Anything else ultimately
requires an *external* trust anchor, most likely either the user's
brain or an oracle somewhere.  If it's the user's brain, then we're
no different from the current situation.

(I wonder if I need to write up my Linksys router's TLS behavior as
a use case...  TLS there indeed gives me a defense against passive
attacks [which is valuable], but in order to get that, there are two
errors that need to be overridden..)

Cheers,
-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Saturday, 7 July 2007 15:21:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:48 GMT