Review of section 2.6.2 of HTML5?

http://dev.w3.org/html5/spec/Overview.html#encrypted-http-and-related-security-concerns

> 2.6.2 Encrypted HTTP and related security concerns
> Status: Working draft
>
> Anything in this specification that refers to HTTP also applies to  
> HTTP-over-TLS, as represented by URLs representing the https scheme.
>
> User agents should report certificate errors to the user and must  
> either refuse to download resources sent with erroneous certificates  
> or must act as if such resources were in fact served with no  
> encryption.
>
> User agents should warn the user that there is a potential problem  
> whenever the user visits a page that the user has previously  
> visited, if the page uses less secure encryption on the second visit.
>
> Not doing so can result in users not noticing man-in-the-middle  
> attacks.
>
> If a user connects to a server with a self-signed certificate, the  
> user agent could allow the connection but just act as if there had  
> been no encryption. If the user agent instead allowed the user to  
> override the problem and then displayed the page as if it was fully  
> and safely encrypted, the user could be easily tricked into  
> accepting man-in-the-middle connections.
>
> If a user connects to a server with full encryption, but the page  
> then refers to an external resource that has an expired certificate,  
> then the user agent will act as if the resource was unavailable,  
> possibly also reporting the problem to the user. If the user agent  
> instead allowed the resource to be used, then an attacker could just  
> look for "secure" sites that used resources from a different host  
> and only apply man-in-the-middle attacks to that host, for example  
> taking over scripts in the page.
>
> If a user bookmarks a site that uses a CA-signed certificate, and  
> then later revisits that site directly but the site has started  
> using a self-signed certificate, the user agent could warn the user  
> that a man-in-the-middle attack is likely underway, instead of  
> simply acting as if the page was not encrypted.
>

We might want to review this...

Cheers,
--
Thomas Roessler, W3C  <tlr@w3.org>

Received on Wednesday, 14 October 2009 11:07:03 UTC
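The quoted section reads as a small decision policy for a user agent: a top-level page with an erroneous or self-signed certificate is shown as if unencrypted, a downgrade relative to an earlier visit (or a bookmarked CA-signed site turning self-signed) triggers a warning, and a subresource with a bad certificate on an encrypted page is treated as unavailable. The following is an added example, not part of this message or of the HTML5 specification, that models those rules as an explicit policy so each case can be exercised; the class and function names, the `CertStatus` categories and the per-origin history store are assumptions made for the illustration, not any browser's actual implementation.

```python
"""Constructed model of the certificate-handling rules in HTML5 section 2.6.2.

Example code written for this illustration (not W3C or browser code). The user
agent is reduced to a policy engine: a per-origin memory of the strongest
security level previously presented, a visit() decision for top-level pages,
and a load_subresource() decision for https subresources on a secure page.
"""
from dataclasses import dataclass, field
from enum import Enum


class CertStatus(Enum):
    """Outcome of certificate validation, as the quoted rules distinguish it."""
    VALID_CA = "valid CA-signed certificate"
    SELF_SIGNED = "self-signed certificate"
    EXPIRED = "expired certificate"
    NONE = "plain HTTP (no certificate)"


class Level(Enum):
    """Security level presented to the user; the ordering drives downgrade checks."""
    UNENCRYPTED = 0
    ENCRYPTED = 1


@dataclass
class Decision:
    level: Level
    warnings: list = field(default_factory=list)


@dataclass
class UserAgent:
    # origin -> strongest Level ever presented for that origin (assumed store)
    history: dict = field(default_factory=dict)
    bookmarks: set = field(default_factory=set)

    def visit(self, origin: str, status: CertStatus) -> Decision:
        """Top-level navigation: apply the rules to the page's own certificate."""
        warnings = []
        if status is CertStatus.VALID_CA:
            level = Level.ENCRYPTED
        else:
            # Erroneous or absent certificate: the connection may proceed, but the
            # page is presented exactly as if there had been no encryption.
            level = Level.UNENCRYPTED
            if status is not CertStatus.NONE:
                warnings.append(f"certificate error: {status.value}")

        prior = self.history.get(origin)
        if prior is not None and level.value < prior.value:
            # Revisit with weaker security than before: warn. A bookmarked site
            # that was CA-signed and is now self-signed gets the stronger warning.
            if origin in self.bookmarks and status is CertStatus.SELF_SIGNED:
                warnings.append("man-in-the-middle attack likely underway")
            else:
                warnings.append("page is less secure than on a previous visit")

        # Remember the strongest level seen so a later downgrade is still noticed.
        if prior is None or level.value > prior.value:
            self.history[origin] = level
        return Decision(level, warnings)

    @staticmethod
    def load_subresource(page: Decision, status: CertStatus) -> bool:
        """Whether an https subresource may be used on the given page.

        On a fully encrypted page a subresource with an erroneous certificate is
        treated as unavailable (blocked). On a page already presented as
        unencrypted, using it is equivalent to the 'act as if unencrypted' branch,
        so it is allowed. Plain-HTTP subresources are outside the quoted rules.
        """
        if status is CertStatus.NONE:
            raise ValueError("mixed content is not covered by the quoted rules")
        if page.level is Level.ENCRYPTED and status is not CertStatus.VALID_CA:
            return False
        return True


if __name__ == "__main__":
    ua = UserAgent()
    first = ua.visit("https://example.test", CertStatus.VALID_CA)
    ua.bookmarks.add("https://example.test")
    later = ua.visit("https://example.test", CertStatus.SELF_SIGNED)
    print(first, later, sep="\n")
    secure_page = Decision(Level.ENCRYPTED)
    print("expired-cert script on secure page loads:",
          UserAgent.load_subresource(secure_page, CertStatus.EXPIRED))
```

Two design points are worth noting. The history stores the strongest level ever presented rather than the most recent one, so an attacker cannot erase the warning by first forcing a downgraded visit; and a certificate error never produces a "fully encrypted" presentation, which is the behaviour the section calls out as enabling man-in-the-middle acceptance.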