On Tue, Mar 25, 2014 at 4:11 PM, Watson Ladd <[email protected]> wrote:
> On Tue, Mar 25, 2014 at 4:47 PM, Trevor Perrin <[email protected]> wrote:
>>
>> Maybe adding other auth methods to HTTP-over-TLS
>> would be best done silently, with no UI unless a security failure
>> occurs?
>
> Sadly this doesn't work. If I can imitate the website because of a
> WebPKI failure, I can pretend to not support whatever additional auth
> is done.

Not necessarily.

Consider pinning - the browser could remember some security policy for
a site, and apply it to future HTTP-over-TLS connections.

Or consider a plugin that performs online lookups to (Convergence /
Perspectives / DNSSEC etc) for HTTP-over-TLS sites, and raises an
error if the site's keys are suspicious, or the lookup server can't be
reached.

These are things that could be built on top of "opportunistic
encryption" for HTTP, so my point is that OE could be about more than
just passive eavesdropping.


Trevor
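The two mechanisms sketched above (a remembered per-site policy, and a plugin that fails when an online lookup disagrees or cannot be reached) as an added example, not code from the thread or from any browser; `PinStore`, `notary_check` and the `lookup` callable are constructed stand-ins, and all key material is made-up bytes.

```python
import hashlib
import time

class SecurityFailure(Exception):
    """Raised only when a remembered policy or a lookup fails: the one case that gets UI."""

class PinStore:
    """Remembers, per host, the key seen and whether extra auth was offered (first contact trusted)."""
    def __init__(self):
        self._pins = {}  # host -> {"spki": sha256 hex, "extra_auth": bool, "expires": epoch}

    @staticmethod
    def spki_fingerprint(spki_der: bytes) -> str:
        return hashlib.sha256(spki_der).hexdigest()

    def observe(self, host, spki_der, extra_auth, max_age, now=None):
        """Call on every HTTP-over-TLS connection to host.
        Unpinned (or expired) host: record what was seen, proceed silently -> "learned".
        Pinned host: key must match and extra auth must not disappear -> "verified";
        otherwise SecurityFailure, so an impostor that "pretends not to support" the
        extra auth is caught rather than quietly accepted."""
        now = time.time() if now is None else now
        fp = self.spki_fingerprint(spki_der)
        pin = self._pins.get(host)
        if pin is not None and now > pin["expires"]:
            pin = None  # stale pin: treat as first contact again
        if pin is None:
            self._pins[host] = {"spki": fp, "extra_auth": extra_auth, "expires": now + max_age}
            return "learned"
        if pin["extra_auth"] and not extra_auth:
            raise SecurityFailure(f"{host}: offered extra auth before, now does not (downgrade)")
        if pin["spki"] != fp:
            raise SecurityFailure(f"{host}: key differs from pinned key")
        pin["extra_auth"] = pin["extra_auth"] or extra_auth  # policy only ratchets upward
        pin["expires"] = now + max_age                        # refresh on each good connection
        return "verified"

def notary_check(host, spki_der, lookup):
    """Plugin-style online check. `lookup(host)` is a constructed stand-in for a
    Convergence/Perspectives/DNSSEC query returning the fingerprints that service
    has seen; an unreachable service is treated as a failure, not silently skipped."""
    try:
        seen = lookup(host)
    except OSError as exc:
        raise SecurityFailure(f"{host}: lookup server unreachable ({exc})")
    if PinStore.spki_fingerprint(spki_der) not in seen:
        raise SecurityFailure(f"{host}: key not known to lookup service")
    return "verified"
```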

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta