
List:       kde-devel
Subject:    Re: ssl auth failure gui: does "continue" do what I think it does?
From:       Jeff Mitchell <mitchell () kde ! org>
Date:       2009-06-09 13:07:33
Message-ID: 4A2E5E95.4070503 () kde ! org

Thiago Macieira wrote:
> Jeff Mitchell wrote:
>>  Matthew Woehlke wrote:
>>>> But there isn't a choice.  Certificates are essentially the only
>>>> encryption method feasible for most sites, because of e.g. browser
>>>> support.  So if all you need is encryption, and not authentication,
>>>> you still have to use the same system.
>>> But *you don't get encryption* this way
>> But you do.
> 
> The point is that, without authenticating the remote end, you open 
> yourself to man-in-the-middle attacks, which means you achieved no real 
> security.

I have been saying exactly the same thing (although after you stopped
your quoting above).  You get encryption (really, the data is still
being encrypted, regardless of who it's being encrypted *to*...saying
it's not, like Matthew did, is factually wrong).  You don't get security.

But you are ignoring my point.  I have run across plenty of web sites
that use SSL/TLS for no discernible reason.  Or perhaps they have it for
their own use, and the SSL link is the one that Google picked up when
I'm clicking through to a search result.

The fact that a site has encryption but doesn't have security (because
you can't authenticate them) doesn't mean I care one bit.  Because for a
lot of those sites, I'd go to the same site even if they were using
plain HTTP with no security at all.  Who needs encryption or
authentication when browsing mailing list archives?  Who needs
encryption or authentication when browsing bug reports in a bugzilla as
a non-logged-in user?

The majority of self-signed certs I've encountered fit nicely into the
"don't care" category, and this may be the case for many other web
citizens.  So my point was, the revamped text of the dialog box,
whatever it is, should be informative, not paranoid.  It should describe
what the problem is (e.g. "The certificate for this web site has not
been verified by a trusted third party.  Data you see or submit may not
come from the site you believe it is coming from.") with sane options
for the buttons (not just "continue" which has been demonstrated to be
vague).

It should avoid the supremely annoying four clicks Firefox now requires
(two is plenty -- what do you want to do, and are you sure?) and it
should work with keyboard shortcuts.  And it should avoid the temptation
to be (drama warning) e.g. "zOMG someone is doing something *bad* on
this web site, you should really leave!!1!"  Because such an
ultra-paranoid message is likely to be both untrue (they're probably
just cheap, not doing something bad) and misleading (it might be
perfectly safe to stay, as long as you understand the risks).

--Jeff


