[Standards-JIG] Re: The Great Encryption Debate

Nolan Eakins sneakin at semanticgap.com
Tue Aug 9 18:17:47 UTC 2005

Jacek Konieczny wrote:
> On Tue, Aug 09, 2005 at 02:46:08AM +0100, Ian Paterson wrote:
>>Especially since, to gain Aunt Tillie's acceptance, the default mode
>>needs to be 100% transparent for her (like https:).
> But what security gives https: to Aunt Tillie? She usually will type
> http:// address anyway and will be only redirected to https://. She will
> not check if the address in the location bar is right, she will not
> check certificate details. IMHO talking about security for Aunt Tillie
> makes no much sense. IMHO it would be better to design things for a user
> a bit smarter than Aunt Tillie, the one who is able to get anything from
> any security features. And then we my try to make some of the features
> accessible to Aunt Tillie (making things less secure for her than for
> the primary target, of course).

The "http://" redirected to "https://" is correct, but Auntie will still 
check to see if the address bar is gold (in FF) or for a little lock in 
the status bar if she's read about how to protect herself online. With 
spyware and whatnot making the news I'm sure she has got a little 
paranoid herself.

Things don't have to be 100% transparent to her. If she's paying for 
notifications from the NY Times, then the Times bot would need to iniate 
the secure session. I suppose the only thing she would have to see is 
when the Times bot's key changes, but while typing in some example text 
for a message box I realized the verification could be automatic. The 
client could abort the whole session if the key doesn't verify and give 
a "Sorry, the bot at times.com is lying about who it is." message. Her 
client also needs to be real apparent about what's secure and not, ie: 
FF's gold address bar.

- Nolan

More information about the Standards mailing list