Defending users of unprotected login pages with TrustBar 0.4.9.93
Axley, Jason
jason.axley at wamu.net
Thu Sep 22 12:52:48 EDT 2005
<snip>
David Wagner writes:
> One thing that web sites could do to help is to always make
> https://www.foo.com work just as well as http://www.foo.com, and
> then browser plug-ins could simply translate http://www.foo.com ->
> https://www.foo.com for all sensitive sites. Of course, web site
> operators may be reluctant to take this step on performance grounds.
I think that this trades one security problem for others in the
application security realm. Sites that allow for equivalent functional
duality in either HTTPS or HTTP protocols often suffer from problems
where the HTTPS site inadvertently references an HTTP URL instead of
HTTPS when doing something sensitive. Most people won't notice the
insecurity because the site "still works". I prefer when applications
break in insecure ways that they break loudly.
Security is a delicate dance. Again, it all depends on the threat model
and the relative probability and impact of each threat.
-Jason
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to
majordomo at metzdowd.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list