[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: New standard for privacy control. (Was: Stripping code with Privoxy)

-------- Original-Nachricht --------
Datum: Sat, 10 Mar 2007 09:35:19 -0800
Von: "Michael_google gmail_Gersten" <keybounce@xxxxxxxxx>
An: or-talk@xxxxxxxxxxxxx
Betreff: New standard for privacy control. (Was: Stripping code with Privoxy)

> Here's a better idea.
> Why do we make the assumption that a browser can trust everything it is
> given?
> That's a serious question. Why do browsers not have an external
> verification plug in?
> Lets say we wanted to design such a browser extension. 

You haven't specififed the threat(s) you are trying to protect against. You should never try to build a solution without a clear description of the problem.

To prevent other people from tampering with data on a remote connection there is ssl. To prevent MITM Attacks there is ssl. If you do not trust the server, and want to be sure that a document is from a certain person, there is GPG, S/Mime etc.

> So lets say we wanted to design such a standard.

It looks like you might be trying to reinvent the wheel, when you talk about defining a standard...

However integrating the possibilities of gpg into browsers would be a nice thing, but given that this thread started on the topic of injecting (mailicious) code into webpages, that's probably n entirely different threat model you have in mind.

And of course, let's not kid ourselves - the majority of users are overwhelmed/uninformed about how to make proper use of ssl (What are CAs? How do I verify a certificates? How to react to what kind of warnings?), so it's unlikely that something more complex that works on a document basis, or fragments of documents is going to be more successful in actually reaching its goals (i.e. appropiate use rather than just wide adoption with uninformed/dangerous use).

"Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ...
Jetzt GMX TopMail testen: www.gmx.net/de/go/mailfooter/topmail-out