On 12/06/2013 11:31 AM, Nicholas Weaver wrote:
> Then make the checkbox "Fuck it all, show my data to the world IF THE SERVER
> CONSENTS", and have the leakage require both the server and client. I'm not
> kidding here.
So, first lose the obnoxious part. Then, provide them with a real choice:
1. Use HTTP preferentially except where the server specifies HTTPS. Servers
will generally specify HTTPS for credit cards, login screens, and other
sensitive data. This is potentially the fastest method, but the least secure.
2. Always use HTTPS preferentially for the body page and URLs from the address
bar or bookmarks, but load embedded resources within the page using HTTP unless
the server directs otherwise. This is a good compromise for most people.
3. Always use HTTPS preferentially for all requests. This is potentially most
secure and slowest.
Then make the default whatever your preference is.
> Especially for "javascripts and CSS" which you seem so happy to pass in the
> clear: You let an attacker see a SINGLE ONE of your cleartext JavaScript or CSS
> fetches and you are FUBAR. Game over, you're p0wned, have a nice day.
See your fetches? I understand MITM, etc., but see them?
Thanks
Bruce
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
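Added illustration, not part of the thread above: a small Python model of the three options Bruce lists, applied to a constructed page load, so that Nicholas Weaver's objection can be checked mechanically. The page contents, host names and the per-fetch "server specifies HTTPS" flag are assumptions made for the example; the model only shows which fetches would travel in the clear under each option and whether any of them is script or CSS, the case the thread calls game over because an on-path attacker who can rewrite cleartext active content controls the whole page.

```python
"""Constructed model of the three scheme-selection policies from the thread.

Assumed inputs (not from the mail): a page is a list of fetches, each with a
kind and a flag saying whether the server "specifies HTTPS" for it (an explicit
https:// reference, for instance). The model reports which fetches go out in
the clear under each policy and whether any of them is script or CSS.
"""
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    HTTP_UNLESS_SERVER_SPECIFIES = 1  # option 1 in the mail
    HTTPS_NAVIGATION_ONLY = 2         # option 2: HTTPS page, HTTP subresources
    HTTPS_EVERYWHERE = 3              # option 3


@dataclass(frozen=True)
class Fetch:
    host: str
    path: str
    kind: str                     # "navigation", "script", "style" or "image"
    server_specifies_https: bool  # assumed server-side signal, constructed here


# Cleartext script or CSS hands an active attacker control of the page.
ACTIVE_KINDS = frozenset({"script", "style"})


def choose_scheme(fetch: Fetch, policy: Policy) -> str:
    """Scheme the browser would use for one fetch under a given policy."""
    if fetch.server_specifies_https:
        return "https"          # every option honours an explicit server preference
    if policy is Policy.HTTPS_EVERYWHERE:
        return "https"
    if policy is Policy.HTTPS_NAVIGATION_ONLY:
        return "https" if fetch.kind == "navigation" else "http"
    return "http"               # option 1: HTTP unless told otherwise


def evaluate(page: list[Fetch], policy: Policy) -> tuple[list[str], bool]:
    """Return (URLs sent in the clear, whether any cleartext fetch is active content)."""
    cleartext = [
        f"http://{f.host}{f.path}"
        for f in page
        if choose_scheme(f, policy) == "http"
    ]
    exposed_active = any(
        choose_scheme(f, policy) == "http" and f.kind in ACTIVE_KINDS
        for f in page
    )
    return cleartext, exposed_active


# Constructed sample page load: an article whose server does not insist on
# HTTPS, its stylesheet, a library script from a CDN, an image, and an account
# widget script that its server always references as https://.
SAMPLE_PAGE = [
    Fetch("news.example", "/story/42", "navigation", False),
    Fetch("news.example", "/static/site.css", "style", False),
    Fetch("cdn.example.net", "/lib/app.js", "script", False),
    Fetch("img.example.net", "/photo.jpg", "image", False),
    Fetch("accounts.example", "/widget.js", "script", True),
]


def summarize(page: list[Fetch]) -> dict[str, tuple[int, bool]]:
    """Per policy: number of cleartext fetches and whether active content is exposed."""
    return {
        policy.name: (len(urls), exposed)
        for policy in Policy
        for urls, exposed in [evaluate(page, policy)]
    }


if __name__ == "__main__":
    for policy in Policy:
        urls, exposed = evaluate(SAMPLE_PAGE, policy)
        verdict = ("attacker on the path can rewrite active content" if exposed
                   else "no cleartext active content")
        print(f"{policy.name}: {len(urls)} cleartext fetch(es); {verdict}")
        for url in urls:
            print("   ", url)
```

Run as a script, the model shows option 2 moving only the navigation to HTTPS on this page: the stylesheet and the CDN script still go out in the clear, so the page is just as exposed to an active attacker as under option 1, which is the point of the "single one of your cleartext JavaScript or CSS fetches" remark. Only option 3 leaves no active content in the clear.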