lynx-dev

RE: LYNX-DEV two curiosities from IETF HTTP session.


From: Yaron Goland
Subject: RE: LYNX-DEV two curiosities from IETF HTTP session.
Date: Mon, 5 Jan 1998 10:21:35 -0800

I would phrase it as equally insecure but the point is made. A redirect is a
redirect is a redirect, at least as far as 305 goes. You are also right, 306
is a whole other story.

BTW my developers are now officially in love with 305.

        Yaron

> -----Original Message-----
> From: address@hidden [SMTP:address@hidden]
> Sent: Monday, December 29, 1997 1:07 PM
> To:   Yaron Goland
> Cc:   address@hidden; Josh Cohen; Foteos Macrides; address@hidden;
> address@hidden
> Subject:      RE: LYNX-DEV two curiosities from IETF HTTP session.
> 
> 
> >  From: Yaron Goland <address@hidden>
> >  Date: Fri, 12 Dec 1997 08:03:06 -0800
> >  To: "'address@hidden'" <address@hidden>
> >  Cc: Josh Cohen <address@hidden>,
> >          Foteos Macrides
> >      <address@hidden>, address@hidden,
> >          address@hidden
> >  Subject: RE: LYNX-DEV two curiosities from IETF HTTP session.
> >  
> >  It is still an attack as the origin server, if it has not been
> >  authenticated, is just some random server. To remind folks of the problems
> >  with click tracking and cookies, a bunch of servers could choose to have
> >  requests to them redirected to indicated proxies where advertising and other
> >  information will be inserted as needed. This very effectively gets around
> >  cookie issues.
> >     Yaron
> >  
> 
> I sense further confusion on this topic....
> 
> If you've contacted an origin server, and it redirects you, the
> server it has redirected you to is equally the origin server, from
> the point of view of trust (i.e. the origin server shouldn't have
> done the redirect in the first place if the second server isn't
> trustworthy).
> The second server is fully as authoritative as the first, in terms
> of any trust or threat problems.
> 
> And if you can't trust your proxy, you have bigger problems to worry
> about.
> 
> So 305 does not introduce the kinds of threats that the 306 proposal did.
> 
> To remind you of 306's proposed semantics, it was to redirect you for
> this AND SUBSEQUENT REQUESTS, to use a proxy; this is what introduced
> the security problem, as the subsequent requests could be sent to
> a proxy you had not delegated trust to.
> 
> Hope this clarifies things.
>                                       - Jim
> 
>                                       
> --
> Jim Gettys
> Industry Standards and Consortia
> Digital Equipment Corporation
> Visiting Scientist, World Wide Web Consortium, M.I.T.
> http://www.w3.org/People/Gettys/
> address@hidden, address@hidden
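
The scoping difference described in the quoted message, as an added example that is not part of the thread: a toy client that applies a 305 either to the one request that received it or, as the message describes the 306 proposal, to that request and all subsequent ones. The class, host names, proxy URL and reply table are constructed for illustration, and the "sticky" mode models only the "this AND SUBSEQUENT REQUESTS" wording above, not any draft text.

```python
# Added illustration; every name, host and reply below is constructed.
# Constructed sample: what each origin answers on a direct request.
# (status, Location); for 305 the Location names the proxy to use.
ORIGIN_REPLIES = {
    "http://news.example/": (305, "http://proxy.adnet.example:8080/"),
    "http://bank.example/": (200, None),
    "http://mail.example/": (200, None),
}

class Client:
    def __init__(self, sticky):
        self.sticky = sticky          # False: 305 scope; True: 306 as described above
        self.configured_proxy = None  # proxy the user delegated trust to (none here)
        self.learned_proxy = None     # proxy imposed by a server response
        self.log = []                 # (url, hop) for every request actually sent

    def _send(self, url, via):
        self.log.append((url, via or "direct"))
        if via:                       # assumption: a request via a proxy gets a 200
            return 200, None
        return ORIGIN_REPLIES[url]

    def get(self, url):
        via = self.learned_proxy or self.configured_proxy
        status, location = self._send(url, via)
        if status == 305 and location:
            if self.sticky:
                self.learned_proxy = location       # persists for later requests
            status, _ = self._send(url, location)   # repeat this request via proxy
        return status

def hops(sticky, urls):
    """Run the requests in order and return the list of (url, hop) sent."""
    client = Client(sticky)
    for url in urls:
        client.get(url)
    return client.log

def undelegated(log, redirecting_url):
    """Requests sent via a proxy although that URL's origin never asked for one."""
    return [(u, hop) for u, hop in log if hop != "direct" and u != redirecting_url]

if __name__ == "__main__":
    urls = list(ORIGIN_REPLIES)
    for sticky in (False, True):
        print("sticky" if sticky else "per-request", hops(sticky, urls))
```

With per-request scope only the redirected request touches the proxy; with the sticky scope the later, unrelated requests are sent to a proxy the user never configured.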
