- From: Koen Holtman <koen@win.tue.nl>
- Date: Tue, 19 Dec 1995 19:42:32 +0100 (MET)
- To: Jeffrey Mogul <mogul@pa.dec.com>
- Cc: sjk@amazon.com, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Jeffrey Mogul: > >I have added "Spoofing using Location headers (prevention thereof?)" >to my list of issues for the caching subgroup, although this is not >a commitment that we will actually solve the problem. For the record, I feel that the spoofing using Location headers issue is really a sub-problem of content negotiation, not of caching. But I'd be happy to deal with this problem in the caching subgroup instead of the negotiation subgroup. Two of the four members of the negotiation subgroup are also in the caching subgroup, so there is litte chance of these groups getting too much out of sync. >I tend to agree with the view that this is not exactly a protocol >design issue, but rather is a problem for people who are implementing >shared web servers. In my opinion, considering the impact of the protocol design _is_ a protocol design issue, even if this consideration leads to a review of shared web server security mechanisms. We can only afford to introduce a web security problem and pass it to the people who are implementing shared web servers after we have established that these people can actually provide a solution to the security problem. As long as we do not have consensus that they can solve the problem, we had better not put this security problem in the HTTP protocol. I have been thinking up a negotiation header structure that would not allow any form of cache spoofing _and_ provide nice cache efficiency (preemtive and reactive negotiation sharing cache slots). The downside of this structure would be the introduction of a new request header with rather unusual semantics. I'll try to post a description in the near future. >-Jeff Koen.
Received on Tuesday, 19 December 1995 10:47:27 UTC