Re: MITM and proxy messages [was: Call for Adoption: draft-song-dns-wireformat-http]

Martin Thomson <martin.thomson@gmail.com> Mon, 08 August 2016 03:14 UTC

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 08 Aug 2016 12:09:48 +1000
Message-ID: <CABkgnnXvDwAH=VSdH_c18caF2YppfoqdPwLAvABQWxXR-30XiQ@mail.gmail.com>
To: "Walter H." <Walter.H@mathemainzel.info>
Cc: HTTP Working Group <ietf-http-wg@w3.org>

On 8 August 2016 at 03:25, Walter H. <Walter.H@mathemainzel.info> wrote:
> configured proxies are not the bug; why not just simply use plain HTML?


Because the problem we're trying to avoid is spoofing.  The browser
needs to own the UX for the page that appears or we risk showing
something that could be mistaken for the real thing.  A link and some
text is maybe manageable.

To Amos' point, branding is likely a step too far.  Yielding that much
control over pixels is probably not going to happen.  And yes, this
implies that we don't trust the proxy.  If the user wanted
bank.example.com and they got proxy.example then that looks like an
attack.