Re: Trusted proxy UI strawman

On 18.06.2014 23:02, Barry Leiba wrote:
> I don't see it as an improvement because it's nothing that most users 
> will understand. To most users, there will be no difference. The 
> problem isn't that we're not telling users that our proxies can snoop 
> and modify. The problem is that we're allowing a situation where our 
> proxies can snoop and modify. 
 From the users perspective TLS is most often not end-to-end (like for 
this email). A user can't even deduce the country where the content will 
be decrypted and therefore which laws will be applied to the sent data.

>> Again, because pinning is not enforced if the trust anchor is a user
>> installed CA, browser manufacturers are in fact choosing to support MITM
>> proxies. But they are doing it without informing the user when it is being
>> enabled and without any indication to the user when it's active.  I don't
>> understand why anyone would defend the status quo on this.
> It's not a question of defending the status quo.  If we're going to
> fix this, we need to fix it correctly: we need to tighten up the
> protocols and how they're used so that we shut down men in the middle.
Would be nice if you could ensure that my messages will not be seen by 
intermediaries like Facebook, Google.
In addition users can't trust a web site just because the web site 
presents a certificate. The user may have a need to inspect the traffic 
to defend against attacks and maybe just to prevent ad spam.

> And then we have to teach users to use only browsers that do it right
> and don't expose them.  We'd do that through major media campaigns
> with understandable explanations, not with incomprehensible popup
> messages that users won't understand.
>
> Barry

Roland

Received on Friday, 20 June 2014 09:27:09 UTC