W3C home > Mailing lists > Public > public-rww@w3.org > January 2015

Re: Domains, Subdomains, Etc.

From: carmen <_@whats-your.name>
Date: Mon, 5 Jan 2015 05:43:54 +0000
To: public-rww@w3.org
Message-ID: <20150105054354.GA31970@x.clearwire-wmx.net>
> wildcard certs not currently supported?

 expending effort on this front probably isn't worth it, vs other things..

even in HTTPS timing and size of packets leak some info. depending on how determined you are, maybe a decent amount:

http://eprint.iacr.org/2014/959.pdf
http://eprint.iacr.org/2014/724.pdf  both featured at http://fc15.ifca.ai/

one unencrypted port 53 lookup and you might additionally be able to tie what you've gleaned to a particular username,

client-cert support is something that some people complain about..

on public machines , in coffee-shops, libraries or otherwise, how do you login ?
maybe security is lax enough that you can plug in a phone on USB, load the private-key/cert .p12 file and remember to delete it, but..

network-effects of supporting certificate-based single-sign-on might have legs
Received on Monday, 5 January 2015 05:44:48 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:10:50 UTC