- From: <michael.mccormick@wellsfargo.com>
- Date: Thu, 27 Sep 2007 11:28:30 -0500
- To: <tlr@w3.org>
- Cc: <Anil.Saldhana@redhat.com>, <public-wsc-wg@w3.org>
Thomas,

Thanks for the clarification on 5.3.2. If the compliance language in that section were updated to more explicitly require user notification and approval before an agent is redirected to the other URL, that would make it more acceptable to me (for whatever that's worth) and certainly more understandable.

I also noticed 5.3.2 is specifically denoted as Normative. Why is 5.3.1 not also marked Normative?

Thanks,
Mike

-----Original Message-----
From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Thomas Roessler
Sent: Thursday, September 27, 2007 10:09 AM
To: McCormick, Mike
Cc: Anil.Saldhana@redhat.com; public-wsc-wg@w3.org
Subject: Re: Section 5.3: Mike McCormick's General Principals (Error Signaling)

On 2007-09-25 14:34:24 -0500, michael.mccormick@wellsfargo.com wrote:

> Normative section 5.3.2 OTOH is a specific agent requirement
> (redirection based on server certificate subject) that goes beyond
> anything I had proposed.

Correct.

> If I interpret 5.3.2 correctly, it says when Alice types the URL
> "https://www.Bob.com" in her browser, but the browser encounters a
> server SSL certificate with a subject DN of "www.Carol.com", then
> Alice's browser would be silently redirected to URL
> "https://www.Carol.com". This seems to create a new attack vector for
> Carol to divert https traffic from Bob's site to her own, without
> Alice being informed unless she happens to notice the change on her
> location bar. Hopefully I misunderstood.

Your reading suggests a need for clarifying the language in that section. The idea is that, if there's a reasonably strong SSL certificate in place, Alice be offered the possibility to navigate to Carol, by way of an error page. A quick mock-up (as good as that's possible in text/plain ;-):

  You tried to navigate to www.bob.com. That site could not be reached.
  Instead, you were connected to a site of Foobar Industries.

  [ Go back ] [ Take me to Foobar Industries ]

Cheers,
--
Thomas Roessler, W3C <tlr@w3.org>
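The behaviour the two messages argue about, a user agent that hits a certificate whose names do not cover the requested host and must decide between refusing, proceeding, or offering (never silently performing) navigation to the site the certificate actually names, is sketched below as an added example. It is not code from the thread or from the WSC working group; the function names, the `Decision` type and the sample certificate data are constructed for illustration, and "reasonably strong certificate" is reduced to a single `cert_chain_trusted` flag supplied by the caller.

```python
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple

# Hypothetical helper (not from the thread): RFC 6125-style host matching.
# A wildcard is honoured only as the whole leftmost label and matches
# exactly one label, so "*.bob.com" covers "www.bob.com" but not "bob.com"
# or "a.b.bob.com".
def hostname_matches(requested: str, pattern: str) -> bool:
    req = requested.lower().rstrip(".")
    pat = pattern.lower().rstrip(".")
    if "*" not in pat:
        return req == pat
    pat_labels = pat.split(".")
    req_labels = req.split(".")
    if pat_labels[0] != "*" or len(pat_labels) < 3:
        return False
    if len(req_labels) != len(pat_labels):
        return False
    return req_labels[1:] == pat_labels[1:]


@dataclass(frozen=True)
class Decision:
    # "proceed": names match, load the page.
    # "offer_alternate": show an error page; navigation needs a user click.
    # "block": certificate not trusted, no alternate is offered.
    action: str
    message: str
    alternate_hosts: Tuple[str, ...] = ()


def decide_on_name_mismatch(requested_host: str,
                            cert_names: Sequence[str],
                            cert_org: Optional[str],
                            cert_chain_trusted: bool) -> Decision:
    """Constructed decision logic: the requested host is compared against
    the certificate's DNS names; a mismatch never redirects on its own."""
    if any(hostname_matches(requested_host, n) for n in cert_names):
        return Decision("proceed", "")
    if not cert_chain_trusted:
        # Without a trusted chain the cert says nothing reliable about who
        # answered, so there is no alternate worth offering.
        return Decision("block",
                        f"The certificate presented for {requested_host} "
                        "is not trusted; the connection was refused.")
    concrete = tuple(n for n in cert_names if "*" not in n)
    who = cert_org or (concrete[0] if concrete else "an unknown site")
    message = (f"You tried to navigate to {requested_host}. "
               "That site could not be reached.\n"
               f"Instead, you were connected to a site of {who}.\n"
               f"[ Go back ] [ Take me to {who} ]")
    return Decision("offer_alternate", message, concrete)


def apply_user_choice(decision: Decision, user_chose_alternate: bool) -> Optional[str]:
    """Return the URL to navigate to, or None. Only an explicit user choice
    on an "offer_alternate" page yields a URL; nothing is redirected silently."""
    if decision.action != "offer_alternate" or not user_chose_alternate:
        return None
    if not decision.alternate_hosts:
        return None
    return f"https://{decision.alternate_hosts[0]}/"


if __name__ == "__main__":
    # Constructed sample: Alice asks for www.bob.com, the server presents a
    # trusted certificate for www.carol.com issued to "Foobar Industries".
    d = decide_on_name_mismatch("www.bob.com", ["www.carol.com"],
                                "Foobar Industries", cert_chain_trusted=True)
    print(d.action)
    print(d.message)
    print("after clicking Go back:", apply_user_choice(d, False))
    print("after choosing the alternate:", apply_user_choice(d, True))
```

The point of the split into `decide_on_name_mismatch` and `apply_user_choice` is that the URL change can only come out of the second function, which needs an explicit user decision as input; an agent built this way cannot end up on www.carol.com without Alice having seen the error page first.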
Received on Thursday, 27 September 2007 16:29:02 UTC