OK, we have the more
From: Daniel Veditz
Sent: Tuesday, April 15, 2014 11:09 AM
On 4/15/2014 7:43 AM, nobody wrote:
>I just wondered... what is the pull back regarding Convergence to put it in
>the webbrowsers by default?
The main issue is who are the notaries? ...
Whatever we do, it has to resist attacks by nation-states.
That's now a practical, rather than a theoretical, problem.
The main practical problems with convergence are that it introduces a
dependency on traffic to a 3rd party which hurts privacy, reliability,
and performance.
True. This is a problem with all out of band validation schemes,
and some in-band ones. One way to ameliorate the performance problem
is to display the page before third party validation has been
complete, but delay form input, the appearance of the lock icon,
and sending of any data from client to server until third
party validation checks out. So you can see a login page
immediately, but the "submit" button won't take effect until validation
checks out. If it doesn't check out, the user gets an alert, of course,
and nothing gets sent.
This delay has to include any client to server communication
initiated from the page, including cookie replies. Otherwise a
fake page can steal credentials stored by the browser.
This is probably worth putting into Firefox if any kind of third
party cert validation goes in. The alternative, stalling page load
and display, would degrade performance as observed by users.
John Nagle
SiteTruth
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
