Re: [cap-talk] Firefox breaks the principle of identifiability

[Tyler Close]

On Feb 7, 2005, at 12:35 PM, Ka-Ping Yee wrote:
> Pet names would be a good step toward a solution of this problem.
> However, i'm inclined to think that Unicode domain names are just
> inherently insecure and should not be used.

The central point of my essay on the petname toolbar is that phishing is
the result of name conflation. Under the PKI, a domain name is used to
identify both the target site of a hyperlink, and the trust
relationship between the user and the target site. It is just broken to
allow the potential attacker to provide the name used to recognize a
trust relationship. That's the problem.

Petnames solve this problem by eliminating the name conflation. A
separate namespace is used to identify trust relationships. This
namespace is managed solely by the user's browser, thus eliminating the
potential attacker from the name recognition process. That's how the
petname toolbar solves the phishing problem, both in theory and in
practice.

See:

http://www.waterken.com/dev/YURL/Name/

>  Even if users learn
> to identify sites with pet names, they are still vulnerable to
> confusion if they look at the location bar, read the name there,
> and type it into the location bar later.

Please elaborate. I don't see a problem here.

> What do you think of this problem?

IDNs are perfectly fine, so long as they are only used to identify link
targets and not trust relationships.

Tyler

---
The web-calculus is the union of REST and capability-based security:
http://www.waterken.com/dev/Web/