- From: Thomas Roessler <tlr@w3.org>
- Date: Mon, 26 Mar 2007 13:00:33 +0200
- To: public-wsc-wg@w3.org
Preparing for a talk, I'm going through some of our SharedBookmarks.

Xia and Brustoloni had a paper, Hardening Web Browsers Against Man-in-the-Middle and Eavesdropping Attacks, at WWW 2005. In that paper they report successful user studies with two techniques:

- Context-Sensitive Certificate Verification

  The success here is not that surprising, since there's actually no user override, but instructions for users how to obtain necessary information to secure their clients. I'm not sure how scalable that really is.

- Specific Password Warnings

  This one focused on telling people very explicitly that they were submitting passwords in an unencrypted manner; they were looking for "password" type input fields (the starred ones).

The flixster story that hit Slashdot today [1] makes me wonder if there is a somewhat more general good practice around helping users understand when they are submitting passwords "differently." I'd be curious to hear more about what's actually been implemented and/or tested in this space.

1. http://www.theinternetpatrol.com.nyud.net:8080/is-flixster-a-big-fat-spammer-are-they-hacking-your-aol-or-hotmail-address-book

The idea would be to trigger very specific warnings when, e.g.,

- people submit passwords unencrypted that have only ever travelled through TLS
- people submit passwords to a site with a different TLS "identity" (the petnames notion of "identity" might be appropriate here)
- people try to submit passwords through forms (or some script reads a form field, for that matter) that were used with secure password protocols before.

Thoughts?

--
Thomas Roessler, W3C <tlr@w3.org>
Received on Monday, 26 March 2007 11:00:19 UTC