Re: Cross-Origin Restrictions

On Fri, 30 Sep 2011 01:15:34 +0200, Tony Gentilcore <tonyg@google.com>  
wrote:

> Thanks for the reminder and sorry for the delay. I think this is the
> information we want to convey. Do you want to do any tweaking and then
> send it out? I'm also happy to mail it on our behalf if you think it
> is good to go.

We've discussed this in the security group in Opera, and don't think this  
is a good idea, for all the obvious reasons. While we didn't look for  
novel attacks, it will increase the attack surface significantly of a  
number of existing attacks. Third party DNS information is the CSS  
:visited issue all over again, which browsers have been trying to fix.  
Statistical fingerprinting is an issue which is small for every working  
group, but in total large for affected users. Timing attacks to know  
server setup, visited webpages, port scanning, guess at credentials etc  
will all be easier. There is also no obvious user gain by allowing this.

The right question to ask would be what user gains there are in allowing  
third party timing information, and if those gains are significant, detail  
the potential gains, and then look for ways to give those gains to users  
without privacy or security implications. The security group considered  
allowing a user opt-in to such third party information, similar to the  
geo-location opt-in in browsers, but rejected the idea, as it could find  
no reason why a user would want to answer yes to such a question.

-- 
Sigbjørn Vik
Core Quality Services
Opera Software

Received on Thursday, 6 October 2011 09:44:24 UTC