- From: Adam Langley <agl@chromium.org>
- Date: Mon, 23 Feb 2015 10:32:18 -0800
- To: noloader@gmail.com
- Cc: Chris Palmer <palmer@google.com>, security-dev <security-dev@chromium.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>, blink-dev <blink-dev@chromium.org>, "dev-security@lists.mozilla.org" <dev-security@lists.mozilla.org>
On Sun, Feb 22, 2015 at 10:35 AM, Jeffrey Walton <noloader@gmail.com> wrote: > Hi Chris, > > Sorry to dig up an old thread. > >> Yes, I agree this is a problem. I am hoping to publish a proposal for >> how UAs can authenticate private devices soon (in January probably). > > Were you able to publish something? I wanted to read more about what > directions the solutions are moving towards. > > This just made my radar: > http://blog.kaspersky.com/internet-of-crappy-things/, and I was > wondering how much has been addressed and how much is hyperbole. Chris has disappeared off to write a book for a few months and promises to mostly not check email. I still have this idea in my head but haven't written anything. In my formulation, it would be a PAKE scheme based mutual authentication done above the TLS layer, but used to confirm the certificate. Chris was thinking more along the lines of a public-key hash in the URL, but wanted it to be useably short and thus worryingly weak. Cheers AGL > > Thanks in advance. > > Jeff > > On Thu, Dec 18, 2014 at 2:33 PM, Chris Palmer <palmer@google.com> wrote: >> On Thu, Dec 18, 2014 at 9:52 AM, jstriegel via blink-dev >> <blink-dev@chromium.org> wrote: >> >>> I'd like to propose consideration of a fourth category: >>> Personal Devices (home routers, printers, IoT, raspberry pis in classrooms, refrigerators): >>> - cannot, by nature, participate in DNS and CA systems >>> - likely on private network block >>> - user is the owner of the service, hence can trust self rather than CA >>> >>> Suggested use: >>> - IoT devices generate unique, self-signed cert >>> - Friendlier interstitial (Ie. "Is this a device you recognize?") for self-signed connections on *.local, 192.168.*, 10.*, or on same local network as browser. >>> - user approves use on first https connection >>> - browser remembers (device is promoted to "secure" status) >>> >>> A lot of IoT use cases could benefit from direct connection (not requiring a cloud service as secure data proxy), but this currently gives the scariest of Chrome warnings. This is probably why the average home router or firewall is administered over http. >> >> Yes, I agree this is a problem. I am hoping to publish a proposal for >> how UAs can authenticate private devices soon (in January probably). >> >> A key goal is not having to ask the user "Is this a device you >> recognize?" — I think we can get the UX flow even simpler, and still >> be strong. Watch this space... >>
Received on Wednesday, 25 February 2015 20:42:20 UTC