Tags for the session - technology discussed/ideas considered: HTTPSY: a proposal for a protocol that eliminates the need for certificate authorities in many cases and enables placing sensitive information in bookmarkable links. Also enables the creation of secure bookmarkable OAuth bearer tokens.

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps: Draft format of the new httpsy protocol proposal:

httpsy://algorithm:fingerprint
domain:port/path1/!redactedPath2/…

The protocol is httpsy. The algorithm is used to interpret the fingerprint, for example, “sha-256”. The fingerprint of the public key is used to challenge the server to prove that it is the holder of the public key, to foil DNS cache poisoning and similar attacks. Any part of the path prefixed with a bang “!” is redacted when the URL is displayed in the window by the browser, in the referrer header, and in system logs.

Controversy over whether this improves the user’s situation with respect to phishing or makes it worse: on the one hand, the domain that people look at to see where they are is buried in a long string of gibberish; on the other hand, it can be claimed that the use of the domain to determine your location, in a world with millions of sites, necessarily not humanly distinguishable, is the source of the problem, not the solution.
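The two client-side checks described above, sketched as an added example (not code from these notes or from the httpsy proposal): compare the key the server presented against the fingerprint in the link, and redact bang-prefixed path segments before the path is displayed or logged. The function names, the hex encoding of the fingerprint over raw key bytes, the accepted algorithm list, and the `!REDACTED` placeholder are assumptions.

```python
import hashlib
import hmac

# Assumptions (not in the notes): accepted digest names, a hex-encoded
# fingerprint over the raw key bytes, and the redaction placeholder.
ALLOWED_ALGORITHMS = {"sha-256": "sha256", "sha-512": "sha512"}
REDACTION_MARK = "!REDACTED"


def key_matches_fingerprint(algorithm, fingerprint_hex, presented_key):
    """True if the key the server presented hashes to the link's fingerprint.

    The transport must separately make the server prove it holds the matching
    private key; this check only binds that key to the link.
    """
    hash_name = ALLOWED_ALGORITHMS.get(algorithm.lower())
    if hash_name is None:
        # Refuse unknown or weak algorithms instead of silently downgrading.
        raise ValueError(f"unsupported fingerprint algorithm: {algorithm!r}")
    actual = hashlib.new(hash_name, presented_key).hexdigest()
    return hmac.compare_digest(actual, fingerprint_hex.strip().lower())


def redact_path(path):
    """Replace every bang-prefixed segment before display, Referer, or logging."""
    return "/".join(
        REDACTION_MARK if segment.startswith("!") else segment
        for segment in path.split("/")
    )


def open_link(algorithm, fingerprint_hex, path, presented_key):
    """Client decision: fail closed on mismatch, else return the loggable path."""
    if not key_matches_fingerprint(algorithm, fingerprint_hex, presented_key):
        raise ConnectionError("server key does not match the link's fingerprint")
    return redact_path(path)


# Constructed sample values, for illustration only.
SAMPLE_KEY = b"constructed-public-key-bytes"
SAMPLE_FINGERPRINT = hashlib.sha256(SAMPLE_KEY).hexdigest()
SAMPLE_PATH = "/path1/!constructed-credential/inbox"

if __name__ == "__main__":
    print(open_link("sha-256", SAMPLE_FINGERPRINT, SAMPLE_PATH, SAMPLE_KEY))
```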

System eliminates need for certificate authorities in many circumstances: the self-signed cert is adequate to prove that, if someone you trust gives you a link, you are guaranteed when you click the link to arrive at the place the trusted party intended for you to go.

Concern raised about untrustworthy parties sending you to untrustworthy places, but they can do that today anyway.

Often requires a “trust on first use” pattern similar to what you do with ssh.

Does not solve the problem with reliably going to a place that you saw on a billboard, since the billboard must be completely memorable.

The redacted parts prefaced with a bang can hold credentials, turning these links into unguessable self-authorizing links, suitable for use both as bookmarkable webkeys and as OAuth bearer tokens.

Alan Karp and Marc Stiegler are leading a group that meets on Friday mornings, with people from HP, Google, PayPal, and others, to develop an RFC spec for httpsy.
