- From: Willy Tarreau <w@1wt.eu>
- Date: Tue, 7 Aug 2012 09:37:46 +0200
- To: Yoav Nir <ynir@checkpoint.com>
- Cc: "Adrien W. de Croy" <adrien@qbik.com>, Mark Nottingham <mnot@mnot.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Hi Yoav, On Tue, Aug 07, 2012 at 10:30:04AM +0300, Yoav Nir wrote: > Best we can do is something along the lines of "Your traffic to > "www.mybank.com" is being decrypted an inspected by "sslproxy.example.com". > Is this OK?" > > Do you think this allows a user to make an informed decision? Usability > studies suggest that the user will click on whatever button makes him get to > www.mybank.com, without thinking about the implications. This may or may not > be the correct decision, but changing browser UI to fit security geeks does > not necessarily make sense. Precisely having the proxy take care of TLS could improve the situation a lot. The proxy would simply refuse to connect to improperly configured sites and the client would not be able to do anything about this, except try to pass using the CONNECT method if it's whitelisted in the proxy. The client would only have the proxy's cert and the browser could be configured to always refuse to connect to an invalid proxy instead of prompting the user. So in the end, we would significantly improve end-user security by enforcing security where it matters and where people can make informed decisions, and leaving the user with less hesitation caused by warnings he doesn't understand. Regards, Willy
Received on Tuesday, 7 August 2012 07:38:32 UTC