yadis Digest, Vol 14, Issue 1
Dan Lyke
danlyke at flutterby.com
Thu Jun 1 14:32:40 UTC 2006

On Wed, 31 May 2006 22:49:30 -0700, Chris Drake wrote:
> I'd recommend prepending https:// if the user's entering his url on an
> https:// web site. Is there a way in the spec to "fall back" to a
> plain http:// one if the secure one fails? I think security is
> important - we're handling people's identities here.

I think I could make an argument either way on this one, so I'm going to
argue the opposite from you just to make sure we have all of the issues on
the table. So, the arguments for http as the default:

1. Remember that this is already public information, we're handing it out
to a third party. The links contained within the Yadis document can point
to https resources.

1.a. Counter: Might open things up to "man in the middle" attacks, I
haven't looked carefully at how the various UserAgent libraries deal with
verifying certificates or thought much about how many DNS machines would
have to be compromised to make a reasonable attack. However, I remember
doing this analysis with LID and thinking that the risks were acceptable.

2. If the https fails, then we'd have to roll back to the http web site.
Since this is an operation that we're kind of hoping can be done in "user
clicks submit and gets back next interaction" sort of time, that's an
extra delay.

3. While I'm fine with paying a few bucks a year for domain registration,
I balk at a few hundred a year to a certificate authority, so defaulting
to https takes us that much further from user-owned identities.

I'm also quite happy to punt this particular issue off to the developers
of Relying Parties and seeing what evolves, as I really don't think it's
that critical to come up with a specific recommendation just yet. I'm just
resisting in the case of the conformance test because that's there to help
developers understand the protocol and where their use or implementation
of it may deviate from the spec, not there to be friendly to the users.

There were a few times when I started to put something like this in, and
then had to go remind myself that, no, the spec left that an open question
and I couldn't resolve it.
Dan
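
The https-first lookup with http fallback discussed in this thread, as an added example that is not code from either poster or from the Yadis spec. It shows how a Relying Party could apply the default while recording every attempt (the extra delay) and whether the answer came from a downgraded lookup. All names (`candidate_urls`, `discover`, `fake_fetch`, `SAMPLE_SITES`) are hypothetical, and the fetcher is a constructed stand-in for the network.

```python
from dataclasses import dataclass
from typing import Callable, List
from urllib.parse import urlsplit

@dataclass
class Discovery:
    url: str              # URL that actually answered
    body: str             # Yadis document returned
    attempts: List[str]   # every URL tried, in order (each failure costs a round trip)
    downgraded: bool      # True when https was tried first and plain http answered

def candidate_urls(user_input: str, rp_is_https: bool, allow_fallback: bool) -> List[str]:
    text = user_input.strip()
    scheme = urlsplit(text).scheme.lower() if "://" in text else ""
    if scheme in ("http", "https"):
        return [text]                      # user chose a scheme: never rewrite it
    if scheme:
        raise ValueError("unsupported scheme: " + scheme)
    if not rp_is_https:
        return ["http://" + text]
    return ["https://" + text] + (["http://" + text] if allow_fallback else [])

def discover(user_input: str, fetch: Callable[[str], str],
             rp_is_https: bool = True, allow_fallback: bool = True) -> Discovery:
    attempts: List[str] = []
    last_error = None
    for url in candidate_urls(user_input, rp_is_https, allow_fallback):
        attempts.append(url)
        try:
            body = fetch(url)
        except OSError as exc:             # TLS failure, refused connection, timeout
            last_error = exc
            continue
        # Anyone on the path can make the https attempt fail, so a fallback
        # is recorded rather than hidden; the caller decides what it is worth.
        downgraded = url.startswith("http://") and attempts[0].startswith("https://")
        return Discovery(url, body, attempts, downgraded)
    raise LookupError("no Yadis document at any of %r" % attempts) from last_error

# Constructed sample data standing in for the network.
SAMPLE_SITES = {"http://example.org/dan": "<xrds:XRDS/>",
                "https://secure.example/chris": "<xrds:XRDS/>"}

def fake_fetch(url: str) -> str:
    if url not in SAMPLE_SITES:
        raise ConnectionError("unreachable: " + url)
    return SAMPLE_SITES[url]

if __name__ == "__main__":
    print(discover("example.org/dan", fake_fetch))
```
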