[cryptography] SSL is not "broken by design"

Ben Laurie ben at links.org
Mon Sep 19 22:20:41 EDT 2011

On Tue, Sep 20, 2011 at 12:42 AM, James A. Donald <jamesd at echeque.com> wrote:

> On 2011-09-20 8:46 AM, Nico Williams wrote:
>> Of course.  We need trusted UI paths.  That's a hard problem.  We know
>> users dislike SAS (secure attention sequences).  We know people want
>> full-screen apps.  These constraints make it almost impossible, if not
>> impossible to get any sort of trusted UI path,
> The user expects a login screen.  Login screens are *not* traditionally
> full screen, even on cell phones.  Therefore, if we take login out of the
> web page, if the user ceases to expect or perceive login as happening out
> there on the web, but instead perceives it as happening locally, the user
> will not expect a full screen login page.

That is not the issue. The issue is that if an app can be full screen it can
fake whatever a login window looks like.

> That is how gamer apps usually do it.
> If the login page has a distinctive look, not easily faked
> (non-rectangular, overlapping the background, customized to user), it will
> be a trustworthy UI path.
