Re: Reasonable proposal for migrating to 2.0

In message <>, Willy Tarreau writes:

>1) browser: make the root and/or cert issuer on HTTPS sites for the main
>   page visible all the time, just like the page's title is currently
>   visible (add it next to the title or at the bottom ?)

That could work for open-source browsers.  For closed source browsers
of US origin, there's no telling what they can or will tell the user
or what relationship that might have with the truth.

>2) protocol: add a new "httpe://" scheme

Anything which tries to add another scheme is going to be serious
uphill work, so it had better be for a reason which amounts to
more than some cryptographic mumbo-jumbo 99.9% of webmasters
are not entirely sure what means.

I don't think your idea clears that hurdle.

I think it is a better idea to just stick with "https:" and leave
it to the server side to negotiate as much security as they want,
and hope that user-agents faithfully indicates this to the user.

>3) browser: get rid of the ability to bypass the cert error for HTTPS
>   (except maybe for developers using a config option). 

See above.

At least 50% of the pervassive surveillance problem is software we
cannot trust on the client side.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Sunday, 17 November 2013 21:57:45 UTC