Two proposals for modern browsers
12 points by EGreg on Dec 20, 2010
I've been reading a bunch of stuff on HN about user privacy, etc. and trying to build something myself which lets the user feel secure and in control, but current web technology doesn't let me do it. So I wanted to propose two things on here, and maybe someone here would run with the idea.

1) I propose a simple mechanism to guarantee that a resource located at a certain URL is always the same. Similar to how we have https:// blabla, and the user agent warns us if the server's certificate is not trusted, we should have httpc:// blabla to indicate constant resources. Sites all over the world can download resources from httpc:// URLs and store hashes of them in various formats, and your user agent can trust one or more of these authorities. When downloading, it would compare the hashes against the ones downloaded from these authorities, and if there is even a small deviation, it would give you a warning just like https://.

This must be done by the user agent. Right now we do have "cache control" headers, but I am talking about the server making a promise to the world that a page is really truly static, and user agents having the ability to verify that. This is different from server-controlled caching.

I can see this being used in app stores for the web (curating apps and various versions of apps, like Apple does) and also for secure logins. I would like someone to make guarantees that my password is not being sent in the clear to the server that I am connected to. Right now, the web forces us to trust a remote server completely, when interacting with a website. For example, when I enter a password, I have no assurance that the server won't misuse it. (See http://xkcd.com/792/)

This simple change would make possible a variety of applications that we haven't even thought of, besides these two.

2) The second proposal is to have iframes that are on top of everything else in the containing window, no matter what. That would enable 3rd party logins (such as OAuth) to be done in the iframe, without worrying about clickjacking. The JavaScript inside the iframe should have a way of checking whether the iframe is of this type. At most one such iframe can be shown in any given window.

This would lead to much more pleasant interfaces, and once again, the user would receive the extra protection. Of course, this means that Flash and other plugins would have to play nice with this. We could implement this rather easily with a browser extension that causes a borderless window to appear (like Flash does) above the actual browser window.
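
The hash comparison described in proposal 1, sketched as an added example that is not part of the original post. The authority names, the sample URL and body, the quorum of two and the "unverified" verdict are assumptions made for illustration; the post only says the user agent trusts "one or more" authorities and warns on any deviation.

```javascript
// Added example: user-agent side check for a hypothetical httpc:// resource.
const { createHash } = require("node:crypto");

const sha256 = (body) => createHash("sha256").update(body).digest("hex");

// Constructed sample data: the hash each trusted authority recorded per URL.
const SAMPLE_URL = "httpc://example.test/login.js";
const PINNED_BODY = "function login(){/* v1 */}";
const AUTHORITIES = {
  "authority-a.example": { [SAMPLE_URL]: sha256(PINNED_BODY) },
  "authority-b.example": { [SAMPLE_URL]: sha256(PINNED_BODY) },
  "authority-c.example": {}, // has never fetched this URL
};

// Compare the downloaded body against every trusted authority's record.
//   any authority disagrees         -> "warn"       (the resource changed)
//   fewer than `quorum` agreeing    -> "unverified" (not enough attestations)
//   otherwise                       -> "ok"
function verifyConstantResource(url, body, authorities, quorum = 2) {
  const digest = sha256(body);
  const result = { verdict: "ok", digest, matches: [], mismatches: [], unknown: [] };
  for (const [name, records] of Object.entries(authorities)) {
    const known = Object.prototype.hasOwnProperty.call(records, url);
    if (!known) result.unknown.push(name);
    else if (records[url] === digest) result.matches.push(name);
    else result.mismatches.push(name);
  }
  if (result.mismatches.length > 0) result.verdict = "warn";
  else if (result.matches.length < quorum) result.verdict = "unverified";
  return result;
}

// Unchanged body passes; a one-byte change trips the warning.
console.log(verifyConstantResource(SAMPLE_URL, PINNED_BODY, AUTHORITIES).verdict);
console.log(verifyConstantResource(SAMPLE_URL, PINNED_BODY + " ", AUTHORITIES).verdict);
```

An authority with no record is counted separately from one that disagrees, so a resource nobody has attested yet is reported as unverified rather than as tampered.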

