W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 2000

RE: webmail vulnerabilities: a new pragma token?

From: Dave Kristol <dmk@research.bell-labs.com>
Date: Thu, 20 Jan 2000 14:43:17 -0500 (EST)
Message-Id: <200001201943.OAA21186@aleatory.research.bell-labs.com>
To: http-wg@cuckoo.hpl.hp.com
In my opinion, the whole idea of using HTTP to alert the client of
"unsafe content" is wrong-headed.  ALL content is unsafe unless you
trust it.  Therefore, the client *must* provide facilities to let the
user identify trusted content and to protect him/her from untrusted
content.  The content could come equally well from FTP or some other
protocol.

We have seen that bugs in design and/or implementation of scripting
languages have left users vulnerable.  These bugs would still exist
even if an HTTP header were added.  And an HTTP header would provide no
protection from scripts obtained via FTP.  The real solution is to fix
the implementations.

That may seem like a slow and painful solution, but it puts control in
the hands of the user, who has the most at stake.  And given that new
browsers would be required to detect a new HTTP header anyway, fixing
the problem (faulty browser security), and not the symptom (scripts
embedded in web-based email), is the right way to go.

Dave Kristol
Received on Thursday, 20 January 2000 19:45:22 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:35 EDT