W3C home > Mailing lists > Public > whatwg@whatwg.org > May 2010

[whatwg] meta="encrypt" tag is needed

From: And Clover <and-py@doxdesk.com>
Date: Thu, 06 May 2010 21:52:04 +0200
Message-ID: <4BE31DE4.6080600@doxdesk.com>
On 05/06/2010 02:44 PM, juuso_html5 at tele3d.net wrote:

> browser submits a (session specific) 256bit elliptic curve public key
> to the server inside every URI-request AND if the target page has
> meta-encrypt tag, the server uses the browser's elliptic curve key

The server has to read and correctly parse each HTML page to decide 
whether to encrypt it? (And how does the browser know that the page is 
encrypted, vs. a legacy server that doesn't encrypt?)

This proposal is tackling the problem of encryption at entirely the 
wrong level: it's nothing to do with HTML, it's to do with the 
connection between the browser and the server. It is very likely that 
sites would want to encrypt transfers of other files than HTML pages. 
This is something that should be tackled at the HTTP level, not in HTML5.

And lo, there is already a quite suitable mechanism for deploying 
encryption between the server and browser: HTTPS.

Whilst it is true that HTTPS has more organisational overhead in the 
form of CAs, and more server overhead in the form of making virtual 
hosting difficult, there are technical approaches to improve this 
situation (DNSSEC-based certs, SNI), and, notably, this overhead is 
*necessary*.

Otherwise HTTPS would be vulnerable to active man-in-the-middle attacks, 
just like your proposed protocol is. Without attestation that the site 
receiving the `pubkey` token is who it says it is, the encryption 
between the two is worthless. It would only protect against passive MitM 
attacks, but in reality if you are in a position to MitM passively you 
are very likely to be able to throw in an active attack just as easily.

> please don't say you instead you can use https / JS or some other thing
> that JUST DOESN'T WORK in real life.

HTTPS works fine. JS client-side-password-hashing approaches suffer from 
the same problem as your proposal: they can only ever protect against 
passive attacks.

-- 
And Clover
mailto:and at doxdesk.com
http://www.doxdesk.com/
Received on Thursday, 6 May 2010 12:52:04 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:23 UTC