Serving the login page over HTTP opens login up to MITM attacks by injecting scripts to swipe passwords or modifying the form to only use HTTP. So you've already eliminated half the reason we introduced HTTPS. Additionally, you cannot control the action="" using a checkbox unless you use JS to do it (and we strive to make sure our login form works for those without JS). So in order to make a "disable SSL" checkbox work you have to make the action="" an HTTP page that does redirection. However, doing that means that now the password is posted over HTTP and a MITM can now snoop passwords. Worse, this eliminates most of the rest of the advantage of HTTPS, because now MITM also means we're all the way back to making it possible to snoop user passwords on open Wi-Fi.
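The two failure cases in the reply above (a login form served over HTTP, and a form whose action posts to HTTP) can be checked mechanically. The following is an added example, not code from the thread or from MediaWiki: a small Python audit that parses the form out of a page, resolves its action against the page URL, and reports any leg of the flow that is not HTTPS. The sample HTML and URLs are constructed, and the audit rules are an assumption modelled on the reply's argument.

```python
"""Audit a login form for the HTTP/HTTPS mistakes discussed in the thread.

Added example, not part of the original mailing-list post. The sample HTML
below is constructed; the audit rules are an assumption modelled on the
reply's argument: the page that serves the form and the form's action must
both be HTTPS, because an HTTP page or an HTTP action lets a network attacker
read or rewrite the credentials in transit.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormFinder(HTMLParser):
    """Collect the action attribute of every <form> in a document."""

    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "form":
            attrs = dict(attrs)
            # A missing action means "post back to the current URL".
            self.actions.append(attrs.get("action") or "")


def audit_login_form(page_url, html):
    """Return a list of findings for the login form(s) served at page_url.

    An empty list means the page and every form action use HTTPS.
    """
    findings = []
    page_scheme = urlsplit(page_url).scheme.lower()
    if page_scheme != "https":
        findings.append("page served over %s: form can be rewritten in transit"
                        % page_scheme)
    finder = _FormFinder()
    finder.feed(html)
    if not finder.actions:
        findings.append("no <form> found on the page")
    for action in finder.actions:
        # Relative actions inherit the page's scheme, so resolve them first.
        target = urljoin(page_url, action)
        scheme = urlsplit(target).scheme.lower()
        if scheme != "https":
            findings.append("form action %r posts credentials over %s"
                            % (target, scheme))
    return findings


# Constructed samples (hypothetical host and paths) for the cases in the thread.
SECURE_PAGE = ("https://example.org/login",
               '<form action="/login" method="post">'
               '<input name="user"><input name="password" type="password"></form>')
HTTP_PAGE = ("http://example.org/login",
             '<form action="https://example.org/login" method="post"></form>')
HTTP_ACTION = ("https://example.org/login",
               '<form action="http://example.org/login" method="post"></form>')

if __name__ == "__main__":
    for url, html in (SECURE_PAGE, HTTP_PAGE, HTTP_ACTION):
        print(url, audit_login_form(url, html) or ["ok"])
```

The HTTP_PAGE case is the one the reply calls out: the action is HTTPS, but because the page itself arrived over HTTP, nothing stops an on-path attacker from rewriting that action before the user ever sees it, so the check treats the page scheme as a finding in its own right.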
On Mon, 02 Apr 2012 08:31:32 -0700, Petr Bena benapetr@gmail.com wrote:
I believe it would be best if the login form was served using HTTP with a checkbox "Disable SSL" which would not be checked by default. The target page of the form would be an SSL page in case users didn't check it. So that in countries where SSL is a problem they could just check it and proceed using an unencrypted connection.
On Mon, Apr 2, 2012 at 11:34 AM, Tei oscar.vives@gmail.com wrote:
Perhaps have a blacklist of countries that are known to break the privacy of communications, then make HTTPS the default for logged-in users in these countries.
This may help because:
- It only affects a subgroup of users (the ones from these countries)
- It only affects a subgroup of that subgroup, the logged-in users (not all)
- It creates a blacklist of "bad countries" where citizens are under surveillance by the government
This perhaps is not feasible, if there's no easy way to detect the country based on the IP.
--
ℱin del ℳensaje.