Re: Fwd (TAG): Draft finding - "Transitioning the Web to HTTPS"

From: Nala Ginrut <mulei@gnu.org>
Date: Tue, 27 Aug 2019 18:32:28 +0800
To: public-privacy@w3.org
Cc: "Eric J. Bowman" <eric@bisonsystems.net>, Chris Palmer <palmer@google.com>, Nick Doty <npdoty@w3.org>, David Singer <singer@apple.com>, TAG List <www-tag@w3.org>
Message-ID: <87woeyyk3n.fsf@debian>

Hi Marc!
The work is greatly appreciated!

I've noticed the sentence here:

The app itself should be signed to ensure an MITM attacker cannot tamper
with the application itself before it’s installed/downloaded/run.

And here:

This method specifically avoids intentionally insecure cryptographic API
built in the browser.

If the app (browser) is not trusted, especially for its cryptographic
API, then verifying the signature means nothing.

Best regards.

Marc Fawzi writes:

> 5 years later, we can now bypass TLS with ALS (application level security)
> while dancing around NIST recommended broken security standards in
> WebCrypto etc
> https://docs.google.com/presentation/d/1f2k6fsIkDmIS1WyJAT0lXQmDuHIPeo9GDKfP1FY2rVc/edit?usp=sharing
> Enjoy this 5-year delayed response.
> On Mon, Feb 23, 2015 at 6:07 AM Marc Fawzi <marc.fawzi@gmail.com> wrote:
>> http://zitseng.com/archives/7489
>> *Government-Linked Certificate Authorities in OS X (zitseng.com
>> <http://zitseng.com>)*
>> From the comments on Hacker News:
>> "No, if they want to hack your SSL comms, they aren't going to do it by
>> using a MITM attack backed by a government-issued root CA, they are going
>> to do it by gaining access to a "neutral" CA (such as Verisign), and
>> obtaining the root certificate's private key. Now you would have a much
>> harder time of figuring out that something has gone wrong, but then, if
>> you're paranoid of the government spying on you, and you are using a CA
>> other than one you own yourself, you've already lost the battle."
>> I agree, no protocol or method can stop a nation state because things
>> ultimately come down to physical security.
>> But it is more reason to put the brakes on the idea that moving the whole
>> web to https is going to make a real difference. I don't think it will.
>> Once the users see https as a selective spying mechanism (open for govs,
>> closed for petty criminals) they really won't trust the web ever again,
>> unless you come up with a new protocol/story and keep evolving it in major
>> ways to stay ahead of the inevitable.
>> Copying the wisdom below (via another developer):
>> *On Derived Values*
>> This, milord, is my family's axe. We have owned it for almost nine hundred
>> years, see. Of course, sometimes it needed a new blade. And sometimes it
>> has required a new handle, new designs on the metalwork, a little
>> refreshing of the ornamentation . . . but is this not the nine
>> hundred-year-old axe of my family? And because it has changed gently over
>> time, it is still a pretty good axe, y'know. Pretty good.
>> -- Terry Pratchett, The Fifth Elephant
>> On Sun, Feb 22, 2015 at 6:33 PM, Eric J. Bowman <eric@bisonsystems.net>
>> wrote:
>>> Eric J. Bowman wrote:
>>> >
>>> > >
>>> > > I encourage you to read more about cryptography and cryptographic
>>> > > network protocols, and to try your hand at subverting HTTP and HTTPS
>>> > > traffic (on your own systems and networks only, of course). I think
>>> > > you'll find that the available security guarantees and
>>> > > non-guarantees of HTTP and of HTTPS are very different from what
>>> > > you have expressed in this thread.
>>> > >
>>> >
>>> > Thanks, but I don't think you've understood what it is I'm trying to
>>> > express.
>>> >
>>> Particularly, Superfish illustrates that the guarantees and non-
>>> guarantees of HTTP and HTTPS are *exactly* what I tried to express in
>>> this thread.
>>> Yes, I know. You're above this list now, or at least until March 30,
>>> while you write a book on Web security. Let's just say I'm not pre-
>>> ordering.
>>> -Eric

GNU Powered it
GPL Protected it
GOD Blessed it
HFG - NalaGinrut
Fingerprint F53B 4C56 95B5 E4D5 6093 4324 8469 6772 846A 0058

Received on Tuesday, 27 August 2019 10:39:04 UTC
