- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Tue, 24 Mar 2015 22:21:24 -0600
- To: Tim Bray <tbray@textuality.com>
- Cc: Daniel Appelquist <appelquist@gmail.com>, Marc Fawzi <marc.fawzi@gmail.com>, TAG List <www-tag@w3.org>

Tim Bray wrote:
>
> What Daniel said. Also, see
> https://www.tbray.org/ongoing/When/201x/2014/07/28/Privacy-Economics
>

"There are people out there who want more: They’re not sure HTTPS is good enough (it is)."

Is it? For example, how does TLS overcome violations of the Identification of Resources REST constraint?

https://www.google.com/search?q=healthcare.gov+privacy+breach

That issue is why I chafe every time someone says HTTPS is in my best interests in terms of privacy. I simply know better, as a long-time REST advocate, that this sort of implementation is the rule -- not the rare RESTful exception. No amount of slapping encryption on this problem in the name of privacy does anything for user privacy.

The risk in advocating ubiquitous HTTPS is it deceives end-users into believing their data is private. When "we" should know better, because architecture, where putting confidential information into URLs has long been the norm. I don't see how HTTPS helps. But I'd love the argument to be framed as, is this still better than nothing? And honestly discussed. Perhaps on Twitter, if TAG just doesn't want to discuss this on www-tag, for whatever reason (convenience springs to mind).

Advocate the Identification of Resources constraint, first. Because that at least would get us to a starting point, to talk about using HTTPS for privacy. But, with the bulk of the Web putting confidential data in URLs, it seems foolish to me to ignore that and say "just use HTTPS and you'll magically have privacy". Despite any TLS shortcomings. Insane.

Or just change the rules, in an effort to make me go away for bringing up inconvenient, yet perfectly relevant, arguments. Or just don't engage, or call me ignorant, or whatever, then you can just dismiss my position when y'all get upset that I just won't let it drop, by changing the listmail rules because I do get a little upset when not taken seriously by my peers.

My experience here, recently, reminds me of that guy in Florida who dared to say "climate change" and got sacked pending psychological evaluation. Maybe I need just that, to continue posting here; because my position is so much at odds with TAG's that I must, by definition, be crazy. Or at least that's the perception some of us have of the new rules for the www-tag list.

-Eric

Received on Wednesday, 25 March 2015 04:22:00 UTC