- From: Henry Story <henry.story@bblfish.net>
- Date: Thu, 6 Sep 2018 20:16:44 +0200
- To: John Kemp <johnk@stabledomain.net>
- Cc: Dan Daniel Appelquist <dan@torgo.com>, TAG List <www-tag@w3.org>
- Message-Id: <E7F5019D-E7D6-4DCF-BED6-FF44BB653172@bblfish.net>
> On 5 Sep 2018, at 19:41, John Kemp <johnk@stabledomain.net> wrote: > > I guess the problem, succinctly stated, might be this: > > 1. Website owners want it to be difficult for their identity to be forged - they want their customers to be coming to them, and not an imposter. The URL is part of their brand identity. Attackers frequently (and successfully) imitate legitimate sites by imitating their URLs. > > 2. Ordinary users want to be sure they are visiting the correct store; when you hand over either money or other valuable data, you don’t want to be giving it to an attacker. It is increasingly difficult for an ordinary person to tell that they are being attacked, due to having to parse complicated-looking URLs in order to verify their own security. > > The relationship between URL and identity has been fraught since the Web began, and the TAG has attempted to address this question before. Having a better relationship between technical identity, and the intuitive ("brand”) identity of a site may be helpful in improving Web security. I have a proposal on how to get this to work correctly without giving up on URLS by tying institutions and nations into the web. They have the money, the legal frameworks, the police and others to deal with fraud and the international relations requirements to make this work. It of course has to be decentralised, to take into account that nations don't see alike on many issues. "Stopping HTTPs Phishing" https://medium.com/cybersoton/stopping-https-phishing-42226ca9e7d9 Hope that helps, Henry > > - johnk > >> On Sep 5, 2018, at 1:24 PM, Daniel Appelquist <dan@torgo.com <mailto:dan@torgo.com>> wrote: >> >> Ever since there has been a URL people have been proclaiming its imminent demise. However, from what I can tell, the article is about how the URL is surfaced in a specific browser UI. This feels out of scope for the TAG. >> >> Dan >> >> On Wed, 5 Sep 2018 at 17:55 Melvin Carvalho <melvincarvalho@gmail.com <mailto:melvincarvalho@gmail.com>> wrote: >> Bit of a click-baity title, but this article, which is about the URL in the browser, may be of interest to the TAG >> >> https://www.wired.com/story/google-wants-to-kill-the-url/ <https://www.wired.com/story/google-wants-to-kill-the-url/> >> >> I posted this here because there was a request from Adrienne Porter Felt (chrome) for feedback >> >> https://twitter.com/__apf__/status/1037057268510912512 <https://twitter.com/__apf__/status/1037057268510912512> >> >> "If you're an academic researcher doing work in this space, I would LOVE to hear from you!" >> >
Received on Thursday, 6 September 2018 18:17:12 UTC