The draft explains this in more detail.

To use your example, there is now confusion over the identity of the
server.  The client thinks that they have connected to,
when in fact they have connected to

That's where the attacks start.  Requests made to over
that connection will be treated as *same-origin* to  That
violates the SOP and could allow to read confidential data

On 14 October 2016 at 11:15, John Gilmore <> wrote:
> I'm a bit puzzled by this "UKS" (Unknown Key Share) attack concept.
> The attack scenario, presented in section 2 of
> is that a user connects to the "attacker" site (say but
> actually has published's public key and is a
> man-in-the-middle (MITM) forwarding all the traffic to
> Now this MITM can't actually read or modify any of the traffic, they
> are just a passive conduit.  The most they can see is the timing of
> the traffic and the number of bytes involved.  The user sees
> Facebook's site, secured with Facebook's key, even though they
> connected to  (How or why the user was somehow convinced
> to connect to while seeking is unexplained.)
> So the threat is...  uh...  ?
> ... something about some cross-origin scripting firewall policy
> elsewhere in the system?
> Why do we care?
>         John

dane mailing list
