W3C home > Mailing lists > Public > www-tag@w3.org > February 2015

Re: Considering the pressure to turn HTTPS into a three-party protocol

From: Ryan Sleevi <sleevi@google.com>
Date: Sun, 15 Feb 2015 21:25:22 -0800
Message-ID: <CACvaWvYwBcHesVkQV7Lco89t02AmonAQ2e6aL4CPznxrVPZDug@mail.gmail.com>
To: www-tag@w3.org
> Of those, only CA certificates and extensions are the things that
> browsers let users download and install _into_ the browser. (Not sure
> what "browser helpers" are.)

As I noted to Mark, this is neither a correct nor accurate presentation.

For every browser but Firefox (as distributed by Mozilla), installing
a root certificate is the same as installing/executing a native
application. It's a choice the user makes to modify their OS. The
browser fully hands off this decision to the OS, as it does all
executable files, to let the OS make its decisions.

If we follow the line of argument that the UA should not hand things
off to the OS to handle, then I would expect a TAG work item on
malware (and potentially unwanted applications), since that's a far
more pressing, prevalent, and relevant issue to the matter of users'
online experiences.

> Installing a third-party root certificate gives that third party wild
> powers over the user's browsing experience from then onwards, and
> through indirect means could affect subsequent downloads and
> installations of others' software. It's not physical access, but in
> today's world it's basically like putting on an Oculus Rift running
> unknown code and unknown apps.

My point is that you can read that exact same paragraph by simply
replacing "Installing a third-party root certificate" with "Running a
third-party application as an administrator", and everything you just
said still applies. So who do we fault here? The UA? Or the OS?

> In the all-HTTPS web we're trying to get to, how the trust store is
> managed is a feature of the Web platform.

That's where I'm just going to have to disagree and bow out of this
conversation, because of how absolutely and passionately I disagree
with this sentiment. This is not the Web platform.
Received on Monday, 16 February 2015 05:25:49 UTC

This archive was generated by hypermail 2.3.1 : Monday, 16 February 2015 05:25:49 UTC