- From: Eduardo Casais <casays@yahoo.com>
- Date: Tue, 20 Jan 2009 02:34:12 -0800 (PST)
- To: public-bpwg@w3.org
Some comments: 1) Since (some of) the CT-proxies rely upon browser engines to operate, they therefore exhibit similar vulnerabilities as the terminal clients -- at least of subset thereof, possibly new ones. Even when executing within virtual machines, attacks based on cache pollution, request smuggling, etc, are possible. What is sorely needed is an assessment by specialists of Web security (not just at the TLS/SSL protocol level). 2) As Rotan makes clear, the conditions upon which an end-to-end security connection is established are actually defined by the end points (server and terminal); any intrusion breaks the agreement. Let me mention that practically all providers of secure sites stipulate in their conditions of use that access information (e.g. username, passwords, etc) must be kept confidential, and that access must take place under safe conditions. Many of such providers (especially those that deal with financial transactions) indicate that failure to do so may result in blocking or cancellation of the service. Putting a man in the middle obviously raises some questions as to these agreements. The fact that, as I understand, some operators are systematically white-listing the sites of financial institutes seems to indicate that it is a very sensitive one. 3) François arrives at the conclusion that one cannot infer that a content provider is opposed to content transformation because of setting up a site that is to be accessed via TLS/SSL (HTTPS). These are indeed two different things; HTTPS is a mechanism for an application to achieve authentication (server, and, with difficulties as he explained, client), confidentiality, and integrity. CT-proxies intend to adapt content to different classes of devices. Unfortunately, diverting and slicing TLS/SSL connections via a CT-proxy subverts authentication, breaks confidentiality and integrity, and, as Tom points out, jeopardizes non-repudiation. The question is whether content adaptation is such an overwhelming requirement that it justifies crippling security. 4) The discussion between Luca and David raises two issues in my mind -- which I had not realized that clearly before. First, many people are not necessarily conscious of what using one of these proxy-based browsers (or a browser via a CT-proxy) entails in terms of security. Concretely, users are probably not aware that their HTTPS/TLS/SSL connections is actually point-to-point, and that there is someone in the middle who can peek at whatever flows within it. They are probably not even aware -- in some cases, such as TeaShark, not even knowledgeable observers of the mobile scene are -- of what kind of company is behind the proxy-based browser, where the proxies are located, and how they are managed. Secondly, enthusiastic commentators are suggesting that terminal manufacturers start installing these proxy-based browsers as defaults on their phones -- which would result in the end of their "opt-in" character and an increase of the risk. My conclusion is that any such browser that is unable to provide end-to-end TLS/SSL security and claims to be a "full-Web" browser is severely misrepresenting its capabilities. 5) There is an ironic historical footnote to the whole affair. When WAP was introduced, it featured point-to-point secure connections (WTLS and TLS on different sides of the gateway), and proxy-based compilation of content to a compact format directly interpretable by the terminal. This architecture was the target of deafening broadsides -- some famous ones being "HTTP-NG & WAP; Proxies are Good, Gateways are Bad" (a presentation by the W3C) and "W* Effect Considered Harmful". WAP was considered inherently insecure (point-to-point instead of end-to-end), and against the spirit and architecture of WWW because of its reliance on pre-compiled content. At least the criticism on security was justified -- and resulted in a number of corporations, especially banks, hosting their own WAP gateway in-house. Nowadays the architecture of proxy-based browsers (OperaMini, UCWEB, TeaShark, Bolt, Skyfire) is eerily reminiscent of WAP (fixed intermediary node mediating all communications, content digested into a proprietary, interpretable format, point-to-point sessions) and has similar consequences on end-to-end security -- as have CT-proxies. However, and curiously enough, all arguments against such schemes, once so decisive are now considered to be of little import... This being said: The message starting the thread was a first shot. The discussion is not yet ready to be concluded. E.Casais
Received on Tuesday, 20 January 2009 10:34:52 UTC