[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: LYNX-DEV two curiosities from IETF HTTP session.
From: |
Yaron Goland |
Subject: |
RE: LYNX-DEV two curiosities from IETF HTTP session. |
Date: |
Mon, 5 Jan 1998 10:21:35 -0800 |
I would phrase it as equally insecure but the point is made. A redirect is a
redirect is a redirect, at least as far as 305 goes. You are also right, 306
is a whole other story.
BTW my developers are now officially in love with 305.
Yaron
> -----Original Message-----
> From: address@hidden [SMTP:address@hidden
> Sent: Monday, December 29, 1997 1:07 PM
> To: Yaron Goland
> Cc: address@hidden; Josh Cohen; Foteos Macrides; address@hidden;
> address@hidden
> Subject: RE: LYNX-DEV two curiosities from IETF HTTP session.
>
>
> > From: Yaron Goland <address@hidden>
> > Date: Fri, 12 Dec 1997 08:03:06 -0800
> > To: "'address@hidden'" <address@hidden>
> > Cc: Josh Cohen <address@hidden>,
> > Foteos Macrides
> > <address@hidden>, address@hidden,
> > address@hidden
> > Subject: RE: LYNX-DEV two curiosities from IETF HTTP session.
> >
> > It is still an attack as the origin server, if it has not been
> > authenticated, is just some random server. To remind folks of the
> problems
> > with click tracking and cookies, a bunch of servers could choose to
> have
> > requests to them redirected to indicated proxies where advertising and
> other
> > information will be inserted as needed. This very effectively gets
> around
> > cookie issues.
> > Yaron
> >
>
> I sense further confusion on this topic....
>
> If you've contacted an origin server, and it redirects you, the
> server it has redirected you to is equally the origin server, from
> the point of view of trust (i.e. the origin server shouldn't have
> done the redirect in the first place if the second server isn't
> trustworthy).
> The second server is fully as authoritative as the first, in terms
> of any trust or threat problems.
>
> And if you can't trust your proxy, you have bigger problems to worry
> about.
>
> So 305 does not introduce the kinds of threats that the 306 proposal did.
>
> To remind you of 306's proposed semantics, it was to redirect you for
> this AND SUBSEQUENT REQUESTS, to use a proxy; this is what introduced
> the security problem, as the subsequent requests could be sent to
> a proxy you had not delegated trust to.
>
> Hope this clarifies things.
> - Jim
>
>
> --
> Jim Gettys
> Industry Standards and Consortia
> Digital Equipment Corporation
> Visting Scientist, World Wide Web Consortium, M.I.T.
> http://www.w3.org/People/Gettys/
> address@hidden, address@hidden
- RE: LYNX-DEV two curiosities from IETF HTTP session.,
Yaron Goland <=