[cryptography] SSL is not "broken by design"
ben at links.org
Mon Sep 19 22:20:41 EDT 2011
On Tue, Sep 20, 2011 at 12:42 AM, James A. Donald <jamesd at echeque.com> wrote:
> On 2011-09-20 8:46 AM, Nico Williams wrote:
>> Of course. We need trusted UI paths. That's a hard problem. We know
>> users dislike SAS (secure attention sequences). We know people want
>> full-screen apps. These constraints make it almost impossible, if not
>> impossible to get any sort of trusted UI path,
> The user expects a login screen. Login screens are *not* traditionally
> full screen, even on cell phones. Therefore, if we take login out of the
> web page, if the user ceases to expect or perceive login as happening out
> there on the web, but instead perceives it as happening locally, the user
> will not expect a full screen login page.
That is not the issue. The issue is that if an app can be full screen it can
fake whatever a login window looks like.
> That is how gamer apps usually do it.
> If the login page has a distinctive look, not easily faked (non-rectangular,
> overlapping the background, customized to the user), it will be a
> trustworthy UI path.