
Re: SRI: <a> vs integrity

From: Hill, Brad <bhill@paypal.com>
Date: Mon, 28 Jul 2014 18:17:45 +0000
To: Eduardo Robles Elvira <edulix@agoravoting.com>
CC: Brad Hill <hillbrad@gmail.com>, Julian Reschke <julian.reschke@gmx.de>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <D250B4E4-758C-4FCA-86CB-168A0240C3BD@paypal.com>

On Jul 28, 2014, at 11:03 AM, Eduardo Robles Elvira <edulix@agoravoting.com> wrote:

> When a user enters
> in a page with a self-signed certificate, the user gets a really big
> warning "this is insecure, get away!". Doesn't that restrict user free
> navigation and "introduce brittleness that requires user notification
> and intervention to the fundamental act of navigating a browser" too?
> 

This is longstanding behavior, is under the control of the resource owner, and has a clear meaning: you are attempting a secure connection but we can't verify to whom you are connecting.  Even so, this has proven very problematic for users to interpret correctly and is a source of many false positive security warnings.

We just had no interest whatsoever at the time of our rechartering in implementing a feature that would have to ask the user something like: "The content at the other end of this link is not the same as the content the creator of this link specified.  It may have changed and still be legitimate content intended by the resource owner, or may be content intended by the resource owner but considered illegitimate by the author of this link, or the page may have been modified in a manner unauthorized by the resource owner, or the author of the link may have incorrectly specified what they expected.  We cannot give you *any information whatsoever* as to the nature or extent of the changes.  Continue?"
Received on Monday, 28 July 2014 18:18:14 UTC
