undefined | Better HN

0 pointslucideer6y ago0 comments

I think the point here is that there's also no way to distinguish a http request from an attack.

It's fair enough to an argue that a self-signed cert could be an attack, but so could any http request.

> a no-cert (unencrypted) connection can be distinguished from an attack on an encrypted connection: the browser knows a priori (through the protocol in the URL) that the connection is supposed to be unencrypted.

I don't understand how that allows one to distinguish it from an attack. Knowing that a connection is supposed to be unencrypted is just equivalent to knowing that a connection could be under attack.

0 comments

knome6y ago

Rightly punishing the connection for having the trappings of security when it actually lacks it doesn't mean we need to punish openly insecure traffic. End users have been told time and again that http is insecure, and so it's fine to leave it. End users should also be able to trust that https means secure without having to distinguish between secure and secure unless I'm being mitm'd and needing to understand what any of that means.

lucideerOP6y ago

To echo @mrob's comment (not sure why they've been downvoted), relying on user-understanding of HTTP -vs- HTTPS is considered a failed experiment, and actively discouraged. Chrome in particular are moving to bring this into the browser UI by marking HTTP sites as insecure (rather than relying on users understanding that HTTPS is secure, which they don't).

mrob6y ago

Most end users have no idea what HTTPS is. They've just been (incorrectly) taught that the padlock means it's secure. Disable the padlock for self-signed HTTPS, and disable the CA-signed HTTPS-only features, and it becomes strictly better than HTTP.

namibj6y ago

Especially because there is no way to MITM a connection with perfect-forward-secrecy only if it ends up serving a self-signed certificate, because the connection first negotiates an ephemeral key with which everything, including the certificate, will be encrypted.

This means that with eSNI and at least one CA-signed cert on the IP, any attacker runs the risk of having to spoof the CA-signed certificate.

1 more reply

yencabulator6y ago

The http version can't access secure cookies; https with the wrong cert can use the secure cookies of the real https site.

mrob6y ago

So disable secure cookies by default for self-signed certs. The scary warnings can be shown when the user tries to enable them.

ivanbakel6y ago

In other words, "open users up to social engineering attacks to make my web-dev life easier".

1 more reply

j / k navigate · click thread line to collapse

0 pointslucideer6y ago0 comments

I think the point here is that there's also no way to distinguish a http request from an attack.

It's fair enough to an argue that a self-signed cert could be an attack, but so could any http request.

I don't understand how that allows one to distinguish it from an attack. Knowing that a connection is supposed to be unencrypted is just equivalent to knowing that a connection could be under attack.

0 comments

knome6y ago

lucideerOP6y ago

mrob6y ago

namibj6y ago

This means that with eSNI and at least one CA-signed cert on the IP, any attacker runs the risk of having to spoof the CA-signed certificate.

1 more reply

yencabulator6y ago

The http version can't access secure cookies; https with the wrong cert can use the secure cookies of the real https site.

mrob6y ago

So disable secure cookies by default for self-signed certs. The scary warnings can be shown when the user tries to enable them.

ivanbakel6y ago

In other words, "open users up to social engineering attacks to make my web-dev life easier".

1 more reply

j / k navigate · click thread line to collapse