Re: Draft finding - "Transitioning the Web to HTTPS" from Mark Watson on 2014-12-10 (www-tag@w3.org from December 2014)

From: Mark Watson <watsonm@netflix.com>
Date: Wed, 10 Dec 2014 09:26:43 -0800
To: Domenic Denicola <d@domenic.me>
Cc: Marc Fawzi <marc.fawzi@gmail.com>, "Eric J. Bowman" <eric@bisonsystems.net>, Chris Palmer <palmer@google.com>, Melvin Carvalho <melvincarvalho@gmail.com>, Mark Nottingham <mnot@mnot.net>, "www-tag@w3.org List" <www-tag@w3.org>
Message-ID: <CAEnTvdCm1UGupa8aysUMEc_PZRkjm1z6ewAiFv5672gyJkHJfg@mail.gmail.com>

On Wed, Dec 10, 2014 at 9:18 AM, Domenic Denicola <d@domenic.me> wrote:
>
>
> Nope, web crypto needs a secure transport to make any sense at all. It's a
> bootstrapping problem. If you're on an insecure channel (whether HTTP or
> employer-MITMed HTTPS), web crypto provides no guarantees at all.
>

This is a side issue that we should not rathole on, but the reason the
WebCrypto Working Group declined to restrict WebCrypto to secure origins
was that there are some *limited* things that can be obtained with
WebCrypto even for HTTP sites. For example, confidentiality against passive
monitoring. The counter-argument is that such things are of no utility, but
that is a use-case-dependent judgement call, rather than a technical issue.

...Mark

Received on Wednesday, 10 December 2014 17:27:10 UTC