- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Sat, 07 Jul 2007 17:11:48 +0100
- To: public-wsc-wg@w3.org
Thomas Roessler wrote: > On 2007-07-07 16:08:54 +0100, Stephen Farrell wrote: > >> Essentially, when the user somehow accepts the SSC, they're doing >> the equivalent of adding a new trust anchor to their local store, >> even if the SSC is only going to be trusted for that DNS name. >> (Cue advertisment for the upcoming TAM BoF at the Chicago IETF - >> I'd still like input from WSC there - maybe Thomas wants a quick >> slot on the TAM agenda? :-) > > As I said, as long as you don't conflict with the HTTP BOF, the apps > area meeting, or the security area meeting, I'm happy to come. Good. Currently scheduled for Friday but still a small chance of a move. > Tell > me a bit more about the scope again? There's a problem statement [1] (note that a -01 has been posted, but has yet to show up) and we also have Paul Hoffman who's going to speak to device and non-enterprise uses. I'd welcome either WSC or TLR (or anyone else's) input whether that's from the floor or in front of ppt. In particular, I'd welcome an FI perspective. >> So in future there may be a TAM protocol that could be run to >> handle the SSC. When that's available, then it'd be reasonable to >> have a proposal to only show the error message for the SSC (same >> as if the PKI-rooted server cert was expired), but to allow the >> user to get into runnng the TAM protocol in some controlled way. > > I'm confused. The one thing that can be done automatically is > recognize that you hit the same self-signed certificate *again*, and > infer that that's probably a good sign. My mail only addressed the 1st time case. > Anything else ultimately > requires an *external* trust anchor, most likely either the user's > brain or an oracle somewhere. If it's the user's brain, then we're > no different from the current situation. Now I'm confused, but that's normal:-) But I bet we think the same thing really, so I'm ok with that for now. > (I wonder if I need to write up my Linksys router's TLS behavior as > a use case... TLS there indeed gives me a defense against passive > attacks [which is valuable], but in order to get that, there are two > errors that need to be overridden..) Yes, that'd be interesting. S. [1] http://www.ietf.org/internet-drafts/draft-wallace-ta-mgmt-problem-statement-00.txt
Received on Saturday, 7 July 2007 16:10:00 UTC