Close, Tyler J. wrote:
> I've written several messages to the appformats mailing list. I suggest reading all of them. The most detailed description of the attacks are in the message at:
>
> http://www.w3.org/mid/C7B67062D31B9E459128006BAAD0DC3D074F8B6507@G6W0269.americas.hpqcorp.net
>
> with a correction at:
>
> http://www.w3.org/mid/C7B67062D31B9E459128006BAAD0DC3D074F8B650D@G6W0269.americas.hpqcorp.net
You do realise that with XDR, ‘resource host’ has no means to
authenticate the user using (relatively secure) HTTP digest authentication?
In order to acquire the desired functionality (for which it needs the
user’s credentials), with XDR the resource host will most likely end up
passing the authentication information along in the GET query string
(bad), probably requiring the user to fill in his credentials on the
origin site (bad), and sending the user’s password plain over the wire
(bad).

I think the history of HTML has taught us that if people want to do
something (e.g. styling), and you do not provide the means, they will
abuse other mechanisms (tables) to achieve their goals. I can assure you
people will work around the limitations of XDR in the same manner. The
least we can do is provide a mechanism that lets the user do what he
wants, yet is easy to control and secure.

That is the big problem with XDR’s restrictions. Well, aside from its
breaking of REST by disallowing PUT and DELETE and setting the
Content-Type and Accept-* headers, while favouring SOAP (which DOES have
the ability to delete() and authenticate) and encouraging content
sniffing. I hope you can see why I don’t share your enthusiasm for
Microsoft’s proposal :).
~Grauw
--
Ushiko-san! Kimi wa doushite, Ushiko-san nan da!!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Laurens Holst, student, university of Utrecht, the Netherlands.
Website: www.grauw.nl. Backbase employee; www.backbase.com.
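The message above argues that an API without a way to send an Authorization header pushes credentials into the GET query string. The concrete consequence, which the post only labels "bad", is that a query string is recorded verbatim in ordinary access logs (and in proxy caches and Referer headers), whereas an Authorization header is not logged by the usual combined format. The following is an added example, not code from this thread or from either correspondent: a small log scanner that flags request lines carrying credential-like query parameters and produces a redacted copy. The parameter names in SENSITIVE_PARAMS and the log lines in SAMPLE_LOG are constructed for this example, not taken from any real server.

```python
# Added example (not from the thread): a defender-side check for credentials
# that ended up in GET query strings, the failure mode described in the post.
# Log lines, hosts and parameter names below are constructed for illustration.
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Parameter names that should never travel in a URL (assumed list; extend as needed).
SENSITIVE_PARAMS = {"password", "passwd", "pwd", "token", "api_key", "secret"}

# Constructed combined-format access log. Line 2 carries a password, line 3 a
# token, exactly as a client forced to use the query string would send them.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2008:12:01:02 +0000] "GET /api/mail?folder=inbox HTTP/1.1" 200 512 "http://origin.example/" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2008:12:01:05 +0000] "GET /api/mail?user=alice&password=hunter2 HTTP/1.1" 200 512 "http://origin.example/" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2008:12:02:11 +0000] "GET /api/mail?token=abc123&folder=sent HTTP/1.1" 200 640 "-" "Mozilla/5.0"
"""


def sensitive_params_in_url(url: str) -> list[str]:
    """Return the names of sensitive query parameters present in `url`."""
    query = urlsplit(url).query
    return [name for name, _ in parse_qsl(query, keep_blank_values=True)
            if name.lower() in SENSITIVE_PARAMS]


def redact_url(url: str) -> str:
    """Replace the values of sensitive query parameters with 'REDACTED',
    leaving path and harmless parameters intact."""
    parts = urlsplit(url)
    pairs = [(name, "REDACTED" if name.lower() in SENSITIVE_PARAMS else value)
             for name, value in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


def scan_log(text: str) -> list[tuple[int, str, list[str], str]]:
    """Return (line_number, client_ip, leaked_param_names, redacted_line) for
    every log line whose request URL carries a sensitive query parameter."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        try:
            # The request is the first double-quoted field: "METHOD URL PROTO".
            request = line.split('"')[1]
            _method, url, _proto = request.split(" ", 2)
        except (IndexError, ValueError):
            continue  # malformed line: skip rather than crash the scanner
        leaked = sensitive_params_in_url(url)
        if leaked:
            client_ip = line.split(" ", 1)[0]
            redacted_line = line.replace(url, redact_url(url))
            findings.append((lineno, client_ip, leaked, redacted_line))
    return findings


if __name__ == "__main__":
    for lineno, ip, leaked, redacted in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: client {ip} sent {', '.join(leaked)} in the URL")
        print("  redacted:", redacted)
```

The scanner reads the existing log; the redaction step shows what a log pipeline should do before retention, and the finding itself is the signal that the API needs a proper credential channel (an Authorization header or a POST body) rather than a query string.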