[Top] [All Lists]

Usability RE: Write an RFC Was: experiments in the ietf week

2008-03-25 05:45:27
What I am trying to get at here is the problem of usability. Security is no use 
to me to stop Internet crime if everyone either turns it off or is unable to 
use it. The layered model is a big problem here because the lower layers 
abstract away the user. There is no user interface, there are no user oriented 
use cases and as a result the protocols fail to deliver the necessary 
information to the upper layers to allow the user to make sure that they are 

"3. Do Not Verify Server Cert and we won't verify yours :)"

OK, it is a good idea to turn on confidentiality and integrity. But this is not 
something that is really going to help solve the evil twin WiFi attack out in 
the general population. Its a pretty insidious attack as the effects are 
localized and we can't measure the frequency. 

If we are going to do experiments then we should be providing feedback to the 
relevant parties. Pointing out to the IEEE that WiFi security fails basic 
principles of security usability - the user does not have sufficient 
information to distinguish the intended connection from the twin - would be a 
useful purpose.

Of course, going round pointing out this sort of thing to others would make it 
incumbent on us to fix the same problems in our protocols.

-----Original Message-----
From: Patrik Fältström [mailto:patrik(_at_)frobbit(_dot_)se]
Sent: Mon 24/03/2008 10:30 PM
To: Hallam-Baker, Phillip
Cc: Russ Housley; IETF Discussion
Subject: Re: Write an RFC Was: experiments in the ietf week

On 25 mar 2008, at 02.18, Hallam-Baker, Phillip wrote:

I am willing to have a go at it next time round but only if I have  
some idea what I am expected to have on my machine and what  
authentication indicata I am to expect.

As it stands there is no way for me to evaluate an authentic or  
inauthentic experience. I don't know what authentic looks like. I  
have no trust anchor.

This email message sent to me was enough of a trust anchor to use  
802.1x. Specifically as "the instructions" are the same as IETF-70 and  
previous meetings.

Sure, the mail was not signed, but I also asked a friend at the  
meeting "what he used". And as we both had the same instructions, we  
trusted that. If we wanted to, we could have asked someone actually  
running the network, but we did not feel we had to.


IETF mailing list
<Prev in Thread] Current Thread [Next in Thread>