W3C home > Mailing lists > Public > www-html@w3.org > April 2000

RE: Add timeouts for security to HTML

From: Pearson, Chris C <chris.c.pearson@intel.com>
Date: Wed, 19 Apr 2000 19:45:05 -0700
Message-ID: <638EC1B28663D211AC3E00A0C96B78A80434073D@orsmsx40.jf.intel.com>
To: "'Pd Rippe'" <casper@novacentral.com>, Sameer Ajmani <ajmani@chord.lcs.mit.edu>
Cc: www-html@w3.org
I agree about stale data in cache being a privacy/security risk, though I'm
not sure how it differs from any other sensitive user data; perhaps because
user's are often unaware of the cache?  However, in any event, system access
should be secured by password (at least).  For shared systems, some browsers
can be configured to flush the browser cache on exit (or this can be done in
a logon script).  I think leaving stale data on the screen is likewise a
more general problem, typically addressed by password-protected screen
savers.  Just my 2 cents worth...

-- Chris

> -----Original Message-----
> From: Pd Rippe [mailto:casper@novacentral.com]
> Sent: Wednesday, April 19, 2000 6:08 PM
> To: Sameer Ajmani
> Cc: www-html@w3.org
> Subject: Re: Add timeouts for security to HTML
> 
> 
> I think that your idea would be very usefull, as i am 
> creating an secure
> site which includes ecommerce...and there is nothing stopping someone
> from just looking through a browsers cashe...
> 
> Although you said that it could gray it out, and keep it encrypted, I
> think it would seem more logical if it just deleted the info, as it
> wouldnt be able to be brought back anyway, because someone 
> can use that
> to their advantage
> 
> Sameer Ajmani wrote:
> > 
> > I have a proposal for a feature to add to HTML; my 
> apologies if it has
> > been proposed before:
> > 
> > Many sites have incorporated authentication mechanisms to 
> guard clients'
> > private data.  The servers also time out client sessions to 
> prevent (in
> > theory) the wrong people from using a client's browser 
> session to access
> > private data.  Unfortunately, this doesn't data on the 
> screen or remove
> > data from the client's cache.
> > 
> > I suggest an HTML tag that specifies when an object should 
> "timeout":
> > the browser can "gray out" the classified object when the specified
> > amount of time has passed since the page was loaded from the server.
> > Alternately, the server could specify and expiration date for the
> > object.  The browser should also gray out classified 
> objects on pages in
> > cache.
> > 
> > I'm not sure if such a scheme would be accepted as a feature or an
> > annoyance, but it should improve security.  Of course, this requires
> > that classified data be encrypted when stored on disk (and 
> possibly in
> > memory as well).  Unfortunately, I'm not familiar enough 
> with XHTML to
> > suggest a syntax, but it may be possible to use its event model to
> > schedule timeouts.
> > 
> > I'd appreciate any and all comments, and please let me know 
> if this has
> > been suggested before (I checked the archives and didn;t find much).
> > 
> > Thanks,
> > --Sameer Ajmani
> > MIT Lab for Com Sci
> > ajmani@mit.edu
> 
> 
Received on Wednesday, 19 April 2000 22:45:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 March 2012 18:15:43 GMT