On Tue, Dec 3, 2013 at 1:53 PM, William Chan (陈智昌) <willchan@chromium.org>wrote: > > <pushback> > I can probably expect to be tarred and feathered by my security team if I > tell them we need to put up a UI asking the end user to make a decision > about security :) > </pushback> > > > Right. There is probably no way the user can make a meaningful decision here. Heck - I'm not sure I can make a meaningful decision and I'm certainly more familiar with the issues than most users. We've just begun to uncover some of the reasons why. you make a "trust" delegation to your proxy to do exactly what.. load a single URL? load just a particular origin? load a page.. (for how long (scripts!)?).. can different pages use scripts cached with that trust? Can they use my pre established cookies? What about mixed content rules? What about a safe browsing database or a CRL list - Are those still trusted? How about browser updates or new addons? Should you be prompted separately to search google.com and login to chase.com? is every page a new dialog? Are we going to categories where you opt-in a category (e.g. search, but not finance) and then the server gets to decide what kind of data it is instead of the user? Why is my EV indicator now gone and does that deter server side folks who want a stable UI to not adopt EV? And that's all rather beside the point. The information belongs to the user not to the network even if the network is not obliged to carry it. If the network would like to be able to more expressively define mechanisms saying it refuses to carry e2e secured data I would be happy to make use of that.. -P
Received on Tuesday, 3 December 2013 22:25:48 UTC