[whatwg] fixing the authentication problem

[Martin Atkins]

Eduard Pascual wrote:
> Not similar at all: for unencrypted connections, you have the "don't
> bother me again" option, in the form of an obvious checkbox; while
> with self-signed certificates you are "warned" continuously; with the
> only option to "install" the certificate on your system to trust it
> (which is a non-trivial task; out of the reach for most average users;
> still annoying even for web professionals; and, to top it up, you need
> to do it on a site-by-site basis).

There is some sense in this requirement to store the cert. It allows the 
browser to warn you if the cert changes later, which is what would 
happen if an attacker managed to intercept your connection. If you don't 
store the cert, one self-signed cert is the same as the next.

This is similar to the SSH model; the first time you connect, you're 
expected to manually check by some means that you're connecting to the 
right server.  On subsequent connections, you won't be bothered unless 
the key changes.

I'll concede that in most cases no-one actually verifies the key in the 
first connection case, but at least this requires an attacker to 
intercept your *first* connection from a particular client, rather than 
just any connection.

The UI for this is a bit overboard in today's browsers, but I think the 
general principle is sound.