RE: LYNX-DEV two curiosities from IETF HTTP session. from Josh Cohen on 1998-01-07 (ietf-http-wg@w3.org from January to March 1998)

From: Josh Cohen <joshco@microsoft.com>
Date: Tue, 6 Jan 1998 17:49:56 -0800
To: "'jg@pa.dec.com'" <jg@pa.dec.com>, Paul Leach <paulle@microsoft.com>
Cc: Yaron Goland <yarong@microsoft.com>, Foteos Macrides <MACRIDES@sci.wfbr.edu>, lynx-dev@sig.net, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <21FD6499922DD111A4F600805FCCD6F2BC35EE@red-86-msg.dns.microsoft.com>

The question is "How do you know that the origin sent the 305
  and not your (evil) proxy?"

If you are a client, and you are talking through a proxy,
 you know that. (your aware that your talking via a proxy).

You should never receive a 305 in this case.  305 is HOP-by-HOP.
The proxy should handle it itself.

The two cases when you might receive a 305 in this fashion are:
1) the proxy is an old proxy and just passes it to you.
2) the proxy is evil and generated it

either way, your solution is to ignore it.
 (it is an error to receive it this way)

so, if your talking via a proxy, always ignore 305.

--
Josh Cohen <joshco@microsoft.com>
Program Manager - Internet Technologies 

> -----Original Message-----
> From: jg@pa.dec.com [mailto:jg@pa.dec.com]
> Sent: Thursday, December 18, 1997 10:51 AM
> To: Paul Leach
> Cc: Yaron Goland; jg@pa.dec.com; Josh Cohen; Foteos Macrides;
> lynx-dev@sig.net; http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
> Subject: RE: LYNX-DEV two curiosities from IETF HTTP session.
> 
> 
> 
> > 
> >  <snip>
> >  
> >  > I think you are confused....  In Rev-01, only an origin server is
allowed
> >  > to generate a 305 response.  It is authoritative for that resource,
so
> >  > the spoofing problems don't come up (and is the reason for that 
> text being
> >  > in the document...)
> >  > 
> >  And exactly how can the browser tell that it was the origin server 
> that sent
> >  the 305? And not the untrustworthy proxy in between the client and the
> >  server?
> 
> You can't tell.
> 
> >  
> >  I know that normally one trusts one's proxy, but since security issues
are
> >  being raised here, the question needs to be asked.
> >  
> >  Paul
> 
> You've delegated trust to the proxy.  If the trust was misplaced, you have
> any/all sort of attacks possible, of which this is far from the most
> serious.  The best we can do is mitigate the damage, for correct,
> and trustworthy implementations.  The problem with 306 was that it was
> a way to insert a man in the middle, relatively easily, which was
> not trustworthy.
> 					- Jim
>

Received on Tuesday, 6 January 1998 17:54:00 UTC