Re: ISSUE-183: Automatic Selfsigned Certificate acceptance/probation MUST NOT be implemented unless there is a history capability [wsc-xit]

Hi Joe,
  I am copying the list for feedback from Yngve (on the history mechanism).

Regarding the usage of "Client" rather than User Agent, I had a similar 
question when I put in the text but kind of remembered the discussion 
during the meeting about the scope of the spec (whether only limited to 
web browsers or even text-based browsers etc). Does anybody else remember or 
have issues with the word "Client"?

Regards,
Anil

Joe Steele wrote:
> Hi Anil,
> 
> I have a question -- 
> 
> It is not clear to me what is meant by "a history mechanism about
> security information". Can you point me to some clarifying text? I can
> think of different kinds of security history which would not be useful
> here.
> 
> And some picky comments -- 
> 
> Shouldn't the text refer to "user agent" instead of "client"? 
> 
> You should change "client also have" to "client also has".
> 
> Thanks,
> 
> Joe
> 
> -----Original Message-----
> From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
> On Behalf Of Anil Saldhana
> Sent: Sunday, May 11, 2008 2:32 PM
> To: Web Security Context Working Group WG
> Subject: Re: ISSUE-183: Automatic Selfsigned Certificate
> acceptance/probation MUST NOT be implemented unless there is a history
> capability [wsc-xit]
> 
> 
> The associated action, ACTION-418 has been completed. This issue is 
> ready to be closed.
> 
> Web Security Context Working Group Issue Tracker wrote:
>> ISSUE-183: Automatic Selfsigned Certificate acceptance/probation MUST
>> NOT be implemented unless there is a history capability [wsc-xit]
>> http://www.w3.org/2006/WSC/track/issues/
>>
>> Raised by: Yngve Pettersen
>> On product: wsc-xit
>>
>> If a client is able to automatically accept a Selfsigned Certificate,
>> or recover from similar problem without user interaction, it MUST NOT do
>> so unless the client also have a history mechanism about security
>> information.
>> The reason for this is that if there is no information about the
>> previous security state available, an attacker can exploit such
>> automatic actions to stage a Man-In-the-Middle attack by replacing the
>> original site's certificate.
> 

Received on Monday, 12 May 2008 21:50:16 UTC
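
The rationale quoted from ISSUE-183 above, as an added example that is not part of this thread or of the WSC specification text. The thread does not define "history mechanism"; this sketch assumes it is a per-host record of the last certificate fingerprint and whether it was CA-validated, and all names in it (`SecurityHistory`, `decide_self_signed`, `decide_without_history`) are hypothetical.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class Seen:
    fingerprint: str    # SHA-256 over the DER-encoded certificate
    ca_validated: bool  # True if that certificate chained to a trusted root

class SecurityHistory:
    """Hypothetical per-host history of previously seen certificates."""

    def __init__(self):
        self._hosts = {}  # (host, port) -> Seen

    def record_validated(self, host, port, cert_der):
        # Called after a normal, CA-validated connection.
        fp = hashlib.sha256(cert_der).hexdigest()
        self._hosts[(host.lower(), port)] = Seen(fp, True)

    def decide_self_signed(self, host, port, cert_der):
        """Return 'probation', 'accept' or 'warn' for a self-signed certificate."""
        key = (host.lower(), port)
        fp = hashlib.sha256(cert_der).hexdigest()
        prev = self._hosts.get(key)
        if prev is None:
            # Nothing known about this host yet: remember the certificate.
            self._hosts[key] = Seen(fp, False)
            return "probation"
        if not prev.ca_validated and prev.fingerprint == fp:
            return "accept"   # same self-signed certificate as before
        # Certificate changed, or the host used to present a validated one:
        # no automatic recovery, and the stored record is left untouched.
        return "warn"

def decide_without_history(cert_der):
    # No previous state to compare against, so a replaced certificate
    # is indistinguishable from the original one.
    return "accept"

# Constructed sample data (not real certificates).
SITE_CERT = b"constructed-der-bytes-of-site-certificate"
SWAPPED_CERT = b"constructed-der-bytes-of-replacement-certificate"
```
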