- From: Chris Palmer <palmer@google.com>
- Date: Thu, 21 Aug 2014 14:19:14 -0700
- To: "Eduardo' Vela" <evn@google.com>
- Cc: Mark Watson <watsonm@netflix.com>, Jim Manico <jim.manico@owasp.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Thu, Aug 21, 2014 at 2:09 PM, Eduardo' Vela" <Nava> <evn@google.com> wrote: >> Can you explain more? What are some realistic public deployment >> scenarios in which TLS is utterly useless? > > Any setup where the network is outside of your threat model. > > Think of the way Chromecast is configured, it's an HTTP server listening on > a wifi network. You can't distribute a SSL certificate to the device > (there's no internet access yet), and we will hold some web platform hostage > from them for no good reason. But Chromecast does not (yet...?) serve a web app that wants to run WebCrypto or ServiceWorkers on my laptop. Mostly the laptop casts content to the Chromecast. We should talk about if we should accept an origin as having been securely transported if the user chooses to proceed past an HTTPS warning interstitial page, e.g. for an unknown authority or name mismatch. I have an idea for how to handle authentication for Internet Of Things, but that's separate from this thread. But we (as an industry) are indeed going to have to figure that out soon. As a fellow security engineer, I am sure you are not advocating a Crunchy On The Outside, Soft On The Inside security posture. > Not all web applications are connected to the internet. Same for VPN > services where you can authenticate at a network level. Or indeed, with a private, organizational CA.
Received on Thursday, 21 August 2014 21:19:41 UTC