- From: Close, Tyler J. <tyler.close@hp.com>
- Date: Thu, 11 Oct 2007 20:35:34 -0000
- To: "Web Security Context Working Group WG" <public-wsc-wg@w3.org>
Thomas wrote: > I propose to replace the MITM handling [1] in the Safe Form > Bar with a reference to [2]. Specific issues with the current > text at [1]: > > - It's inconsistent with MITM handling elsewhere in the spec, > in particular [2]. The MITM detection in the editor bar is stronger than what can be specified elsewhere in the spec, since the editor bar can use its history database to detect a CA substitution attack. For example, if in the past a site has used ExampleCA, and is now using Example2CA, and the certificates don't meet any of the other match cases [1], the editor bar can say it's an MITM. Other parts of the spec can at best present a warning saying the cert is unrecognized, but may or may not be legitimate. > - The phrase that suggests sending a notification should be removed. Why shouldn't the user be given the option of reporting the attack? I think it's important to always give the user a path forward; otherwise, they'll find their own, with likely negative consequences. In this case, reporting the attack is the best available option. The user agent SHOULD point this out and not leave the user to guess at what to do next. --Tyler [1] http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#safebar-associating
Received on Thursday, 11 October 2007 20:36:42 UTC