RE: Browser security warning

I agree with these comments. This should be the focus.

 

1.	Figuring out who you are talking to (e.g. you are connected to the
site you really want to be connected to and the site knows who they are
communicating to)
2.	protection from prying eyes (session is end to end protected from
things like man in the middle)
3.	You either reach the site you want at the security level the site
has deemed appropriate or you don't reach it at all

 

  _____  

From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On
Behalf Of Mary Ellen Zurko
Sent: Thursday, January 04, 2007 6:47 PM
To: ses@ll.mit.edu
Cc: public-wsc-wg@w3.org
Subject: Re: Browser security warning

 


> > The main point is that naively differentiating between a "secure"
> > state (padlock) and an insecure one (no padlock) isn't very effective.
> > I don't believe that changing from that binary approach to an N-ary
> > one, where the N options map to TLS state-machine states will be any
> > more effective. We need a subtler mix...
> 
>    I agree that the padlock isn't effective.  I'm also against an N-ary
> approach.  Having sites with self-signed certs appear with an HTTPS in the
> address bar adds a new category users have to understand.
> 
>    I'm for having only one level of security (not the current two
> states)---you either reach the site in the address bar at the security
level
> the site has deemed appropriate, or you don't reach it at all.

Interesting. I keep thinking part of the problem is trying to define all of
security, instead of the parts that matter (protection from prying eyes,
figuring out who you're talking to). Those don't strike me as categories too
subtle for humans, since there are obvious human analogs (in a sealed
envelope vs with a signature, for example). 

        Mez