[Cryptography] client certificates / client-side proxy

John Gilmore gnu at toad.com
Tue May 27 19:40:06 EDT 2014


> Good security design is compartmental.  We should be 
> writing software that has strictly defined information
> inputs and outputs, and does specific, narrow things 
> with them.  Ideally, most of the "sensitive" pieces 
> should start, run, and exit without ever putting up 
> any UI. 
> 
> A client-side proxy is a much better idea in the first 
> place than a plugin, because a client-side proxy has 
> much more narrowly defined information input and output 
> and a much more well-defined job to do.  Its design need
> not be warped by conforming to conventions or standards 
> driven by non-security considerations. 

I'm confused.  What's the difference between a "client-side proxy"
versus a "wifi access point that hijacks the first web access" versus
a "man in the middle"?

It seems to me that a client-side proxy has a broad scope for
mischief, since by definition all the browser's traffic has to go
through it.  To the extent that it has ANY user interface, it has to
ALTER the received HTML in order to present information to the user,
or solicit information from the user.  This is not a recipe for either
good UI design or end-to-end security.

	John

