W3C home > Mailing lists > Public > public-xg-webid@w3.org > February 2011

RE: [foaf-protocols] privacy considerations: can a nosy https: site probe user identity without explicit permission?

From: peter williams <home_pw@msn.com>
Date: Fri, 11 Feb 2011 13:52:40 -0800
Message-ID: <SNT143-ds14A5B916B5AF4ECF68878992EF0@phx.gbl>
To: "'Henry Story'" <henry.story@bblfish.net>
CC: <corani@gmail.com>, <jan@wildeboer.net>, <public-xg-webid@w3.org>, <foaf-protocols@lists.foaf-project.org>
Onbe has a ssl session with site#1. Then one dupes the browser and the duped
page gets a new sslsessiond after a refresh. In duped+refreshed windows, one
links on to a subsite.

 

Should the user use a logout button on the site#1, what happens to the users
access to resources on site#2?

 

Site#1 has no knowledge that Site#2's sslsessionid is in some sense derived
from its own, note. (This notion could be modeled properly in a https-bis,
but it is not in 1994- era https).

 

 

Assume both sslsessionids have the same client cert (for now).

 

 

From: Henry Story [mailto:henry.story@bblfish.net] 
Sent: Friday, February 11, 2011 10:41 AM
To: Peter Williams
Cc: corani@gmail.com; jan@wildeboer.net; public-xg-webid@w3.org;
foaf-protocols@lists.foaf-project.org
Subject: Re: [foaf-protocols] privacy considerations: can a nosy https: site
probe user identity without explicit permission?

 

 

On 11 Feb 2011, at 19:10, Peter Williams wrote:






It's correct that the hard version of the problem is the logout problem -
which is only a coded way of talking about that which cannot be named:
sessions.

 

> From: corani@gmail.com
> I believe this is very similar to the "logout" problem, and should be
> solved in conjunction with that.

 

Why is that a hard problem? 

 

There are some parts that are simple:

 

  -  a UI to show what you are logged in as and to enable the anonymous mode

  - Tying cookies and SSL sessions to identities

 

The hard problem is information leakage, but that is something one can build
up over time. How far you go there depends on how much you want to protect
identities and cross referencing.

 

Henry

 
Received on Friday, 11 February 2011 21:53:37 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:22 UTC