Re: Scientific Literature on Capabilities (was Re: CORS versus Uniform Messaging?)

From: Ian Hickson <ian@hixie.ch>
Date: Thu, 17 Dec 2009 17:38:09 +0000 (UTC)
To: Kenton Varda <kenton@google.com>
Cc: Maciej Stachowiak <mjs@apple.com>, Tyler Close <tyler.close@gmail.com>, Adam Barth <w3c@adambarth.com>, Jonathan Rees <jar@creativecommons.org>, "Mark S. Miller" <erights@google.com>, Jonas Sicking <jonas@sicking.cc>, Arthur Barstow <Art.Barstow@nokia.com>, Anne van Kesteren <annevk@opera.com>, public-webapps <public-webapps@w3.org>
Message-ID: <Pine.LNX.4.62.0912171734390.15825@hixie.dreamhostps.com>

On Thu, 17 Dec 2009, Kenton Varda wrote:
> 
> OK, I'm sure that this has been said before, because it is critical to 
> the capability argument:
> 
> If Bob can access the data, and Bob can talk to Charlie *in any way at 
> all*, then it *is not possible* to prevent Bob from granting access to 
> Charlie, because Bob can always just serve as a proxy for Charlie's 
> requests.

If confidentiality was the only problem, this would be true. However, it's 
not the only problem. One of the big reasons to restrict which origin can 
use a particular resource is bandwidth management. For example, 
resources.example.com might want to allow *.example.com to use its XBL 
files, but not allow anyone else to directly use the XBL files straight 
from resources.example.com. A proxy isn't a plausible attack in this 
scenario, because if someone can set up a proxy, they can with much more 
ease simply host the original file (which isn't a problem from the point 
of view of the original site). Furthermore, if someone _does_ host a 
proxy, then they are taking the same load hit as the original site, and 
therefore the risk to the original site is capped.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 17 December 2009 17:38:38 GMT
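
The origin restriction in the scenario above (resources.example.com letting only *.example.com use its files), as an added example that is not part of the original message: a server-side check that decides whether to echo a request's `Origin` in `Access-Control-Allow-Origin`. The function names, the exclusion of the bare `example.com` apex and the acceptance of both http and https are assumptions made for illustration.

```javascript
// Added example, not code from the thread. Policy from the message:
// only *.example.com may use files served by resources.example.com.
const ALLOWED_SUFFIX = ".example.com"; // leading dot stops "evilexample.com"

// Returns the origin to echo back, or null when the request gets no grant.
function allowedOrigin(originHeader) {
  if (typeof originHeader !== "string") return null;
  let url;
  try {
    url = new URL(originHeader);
  } catch (e) {
    return null; // unparsable values, including the literal "null" origin
  }
  // Assumption: both schemes are acceptable; restrict to https if desired.
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  // A real Origin header is exactly scheme://host[:port]. Rejecting anything
  // that does not round-trip drops paths, userinfo and odd casing.
  if (url.origin !== originHeader) return null;
  const host = url.hostname;
  // Suffix match on a label boundary, with a non-empty label in front.
  if (!host.endsWith(ALLOWED_SUFFIX)) return null;
  if (host.length === ALLOWED_SUFFIX.length || host.startsWith(".")) return null;
  return originHeader;
}

// Builds the response headers for a cross-origin fetch of a shared file.
function corsHeaders(originHeader) {
  // Vary keeps a shared cache from replaying one origin's grant to another.
  const headers = { Vary: "Origin" };
  const granted = allowedOrigin(originHeader);
  if (granted !== null) headers["Access-Control-Allow-Origin"] = granted;
  return headers;
}

// Constructed sample Origin values, not taken from any real log.
const samples = [
  "https://app.example.com",
  "https://app.example.com:8443",
  "https://evilexample.com",
  "https://example.com.evil.net",
  "null",
];
for (const s of samples) {
  console.log(s, "->", JSON.stringify(corsHeaders(s)));
}
```

The browser enforces this grant, so it limits direct cross-origin use from other sites' pages; a third party that fetches and re-serves the file carries that load itself, which is the cap described in the message.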