W3C home > Mailing lists > Public > www-tag@w3.org > February 2010

ACTION-278: CSRF defense use case?

From: Jonathan Rees <jar@creativecommons.org>
Date: Tue, 16 Feb 2010 16:19:40 -0500
Message-ID: <760bcb2a1002161319y52a9b2a9v6e1f600f0e9857fe@mail.gmail.com>
To: Tyler Close <tyler.close@gmail.com>
Cc: www-tag@w3.org
Tyler,

I think it would be useful in this discussion to have a CSRF defense
use case on hand, since that's where this discussion started [1]. Can
you provide a simple but somewhat realistic scenario where unguessable
URIs might be helpful in CSRF defense?

Thanks
Jonathan

[1] http://www.w3.org/2001/tag/2009/06/23-minutes.html#item05

Tracker, this is ACTION-278
Received on Tuesday, 16 February 2010 21:20:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:19 GMT