Re: Proposal: Prefer secure origins for powerful new web platform features

On Thu, Aug 21, 2014 at 2:09 PM, Eduardo' Vela" <Nava> <evn@google.com> wrote:

>> Can you explain more? What are some realistic public deployment
>> scenarios in which TLS is utterly useless?
>
> Any setup where the network is outside of your threat model.
>
> Think of the way Chromecast is configured, it's an HTTP server listening on
> a wifi network. You can't distribute a SSL certificate to the device
> (there's no internet access yet), and we will hold some web platform hostage
> from them for no good reason.

But Chromecast does not (yet...?) serve a web app that wants to run
WebCrypto or ServiceWorkers on my laptop. Mostly the laptop casts
content to the Chromecast.

We should talk about if we should accept an origin as having been
securely transported if the user chooses to proceed past an HTTPS
warning interstitial page, e.g. for an unknown authority or name
mismatch.

I have an idea for how to handle authentication for Internet Of
Things, but that's separate from this thread. But we (as an industry)
are indeed going to have to figure that out soon. As a fellow security
engineer, I am sure you are not advocating a Crunchy On The Outside,
Soft On The Inside security posture.

> Not all web applications are connected to the internet. Same for VPN
> services where you can authenticate at a network level.

Or indeed, with a private, organizational CA.

Received on Thursday, 21 August 2014 21:19:41 UTC