On 09/07/2011 12:03 PM, Eran Hammer-Lahav wrote:
> We clearly have different views on what it means to "[deal] with this like an adult".
Very possibly. What bothered me was the reflexive dismissal of usability issues without consideration, and the nasty tone of some of the responses. When someone suggests that Mike Thomas doesn't understand trusted third-party authentication protocols, someone just blew it, big time.

But aside from the personal attacks, usability is a huge, huge problem in security, and often protocols that are "secure" under ideal circumstances are actually riddled with vulnerabilities in the field. While you can't prevent users from making bad choices, you should probably try to minimize their ability to do so or at least try to understand where things can go wrong.

I think it's not *that* long since entirely too many people were nailed by a MITM attack against ssh on an IETF meeting wireless network, when they were presented with a new host key and rather than wondering why the key had changed they said "Gee, thanks!" and accepted it. Even very sophisticated users can make bad choices that lead directly to compromise.

It's not possible to catalog every possible usability issue, but I do think that it's a worthwhile exercise to give at least some thought to what choices are being presented to users that are peculiar to the technology in question, and I think a threats document is an ideal place to do that.

Melinda

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth