[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: ssl auth failure gui: does "continue" do what I think it does?
From: Nicholas Tung <gatoatigrado () gmail ! com>
Date: 2009-06-05 23:49:28
Message-ID: fa81b0d10906051649j4e48aa78rcc7f0af556de37ac () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Jeff - I hope you got my apology, I certainly didn't mean to start a
flamewar or disrespect you with some poorly thought out parenthetical
comment.
On Fri, Jun 5, 2009 at 15:36, Jeff Mitchell <mitchell@kde.org> wrote:
>
> > How
> > many /new/ unconfirmed sites do you come across for the four clicks to
> > be an annoyance?
>
> Plenty. Enough for me to find it annoying, obviously. It doesn't help
> that the clicks are hyperlinks so you can't alt+key them like you used
> to be.
Fair enough.
> > And, if you consider "ssh" to be a "savvy user thing", then what do you
> > say about the "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"
> > when the same situation occurs (i.e. the public key changes)?
>
> I don't follow. SSH works the same exact way. When you connect
> somewhere you don't know, it asks you to confirm this, then it stores
> that confirmation. This is like the Firefox behavior (except the
> Firefox behavior requires four confirmations). If a key changes, it
> gives you a warning...just like Firefox if the cert changes from one
> "invalid" cert to another.
Right, and one has to either edit the ssh command, or edit
~/.ssh/known_hosts, which is more complicated than saying "continue" (afaik
it simply spits this message out and quits). I guess KDE probably isn't
storing previous RSA keys, so it doesn't know that gmail.com used to have a
signed certificate, and now doesn't. This additional information might
justify whether it wants to make the dialog a one-click "accept key" or more
of a warning.
> and something like
> > "confirm security exception", or "accept permanently", "accept
> > temporarily", or "reject" (as with SSH) would be /much/ more
> > appropriate.
>
> Totally agreed.
Cool. Without reading the dialog carefully, imho "continue" seems too much
like "continue execution" (versus exiting the application).
On Fri, Jun 5, 2009 at 15:57, Michael Pyne <mpyne@purinchu.net> wrote:
> On Friday 05 June 2009 18:36:50 Jeff Mitchell wrote:
> > Nicholas Tung wrote:
> > > Exactly, you get encryption without authentication, which is useless
> for
> > > security unless you've accepted it before via a secure connection to
> the
> > > machine. In which case, see comment below...
> >
> > No, it's useless for authentication. It's entirely useful for
> > encryption, if that is all that you require for your security needs.
>
> In all fairness, typically encryption is used to prevent people from
> snooping
> in on the conversation between you and the destination.
This is true, I suppose I hadn't thought out the situation very fully.
[Attachment #5 (text/html)]
<div class="gmail_quote">Jeff - I hope you got my apology, I certainly didn't \
mean to start a flamewar or disrespect you with some poorly thought out parenthetical \
comment.<br><br><div class="gmail_quote">On Fri, Jun 5, 2009 at 15:36, Jeff Mitchell \
<span dir="ltr"><<a href="mailto:mitchell@kde.org">mitchell@kde.org</a>></span> \
wrote: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, \
204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div class="im">
> How<br>
> many /new/ unconfirmed sites do you come across for the four clicks to<br>
> be an annoyance?<br>
</div><br>Plenty. Enough for me to find it annoying, obviously. It doesn't \
help<br> that the clicks are hyperlinks so you can't alt+key them like you \
used<br> to be.</blockquote><div><br>Fair enough.<br> </div><blockquote \
class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt \
0pt 0.8ex; padding-left: 1ex;"><div class="im"> > And, if you consider \
"ssh" to be a "savvy user thing", then what do you<br> > say \
about the "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"<br> > \
when the same situation occurs (i.e. the public key changes)?<br> </div><br>I \
don't follow. SSH works the same exact way. When you connect<br> somewhere \
you don't know, it asks you to confirm this, then it stores<br> that \
confirmation. This is like the Firefox behavior (except the<br> Firefox behavior \
requires four confirmations). If a key changes, it<br> gives you a warning...just \
like Firefox if the cert changes from one<br> "invalid" cert to \
another.</blockquote><div><br>Right, and one has to either edit the ssh command, or \
edit ~/.ssh/known_hosts, which is more complicated than saying "continue" \
(afaik it simply spits this message out and quits). I guess KDE probably isn't \
storing previous RSA keys, so it doesn't know that <a \
href="http://gmail.com">gmail.com</a> used to have a signed certificate, and now \
doesn't. This additional information might justify whether it wants to make the \
dialog a one-click "accept key" or more of a warning.<br> \
<br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, \
204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im"> > and \
something like<br> > "confirm security exception", or "accept \
permanently", "accept<br> > temporarily", or "reject" (as \
with SSH) would be /much/ more<br> > appropriate.<br>
</div><br>Totally agreed.</blockquote><div><br>Cool. Without reading the dialog \
carefully, imho "continue" seems too much like "continue \
execution" (versus exiting the application).<br></div></div><br> On Fri, Jun 5, \
2009 at 15:57, Michael Pyne <span dir="ltr"><<a \
href="mailto:mpyne@purinchu.net">mpyne@purinchu.net</a>></span> \
wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, \
204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> <div class="im">On Friday 05 \
June 2009 18:36:50 Jeff Mitchell wrote:<br> > Nicholas Tung wrote:<br>
> > Exactly, you get encryption without authentication, which is useless \
for<br> > > security unless you've accepted it before via a secure \
connection to the<br> > > machine. In which case, see comment below...<br>
><br>
> No, it's useless for authentication. It's entirely useful for<br>
> encryption, if that is all that you require for your security needs.<br>
<br>
</div>In all fairness, typically encryption is used to prevent people from \
snooping<br> in on the conversation between you and the \
destination.</blockquote><div><br>This is true, I suppose I hadn't thought out \
the situation very fully.<br></div></div>
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic