Gervase Markham wrote:
Michael Roitzsch wrote:
If I understand things correctly, you want to have the browser
maintain a sort of whitelist of domains the user trusts. Whenever the
browser encounters a new SSL domain, the user is asked, if she wants
to include it in the list of trusted domains. Have I gotten the idea
right?
Nope. I don't think anyone with knowledge of browser UI and/or user
behaviour and acceptance would propose such a thing.
(I also was confused by this...)
What's proposed is a list of trusted (or untrusted) TLDs, set by us.
So, like a "root list of TLDs". Well, wouldn't this take
MF back into the judgement business? As I understand it,
Mozilla doesn't feel all that comfortable about auditing
the CAs, and Frank's emphasis has been on crafting a policy
that neutralises MF as a judgement agency. That sort of
policy should be dealt with consistently, one would hope.
Also, any solution should try and involve as few players
as possible. If the TLDs and MF is brought into the
equation, that would make it quite a barrier. We've
seen how (see Nelson's posts) hard it is to get the
Foundation or the product owners to think about security,
and Frank's efforts are slowed because of resources and
time; asking for yet another coordination effort could
be tough.
However, even with the discussed concepts in place, there is still the
problem with the homograph attacks, because the user has to recognize
a text string to decide on trust in a domain. One possibility is to
display punycode, but I think I have found a more general solution to
homograph attacks: You give the user a text input field below the
string to recognize and recommend that the user types in the string he
believes to be reading. The computer can then easily verify, if the
displayed and the typed string match and react accordingly.
I saw this proposed on Bugtraq; I think the participants there explained
quite well why it wouldn't work. But thank you for your input :-)
reference?
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security