Re: "confirm subscribe" use case for "secret URI" from noah_mendelsohn@us.ibm.com on 2010-02-18 (www-tag@w3.org from February 2010)

From: <noah_mendelsohn@us.ibm.com>
Date: Thu, 18 Feb 2010 16:44:40 -0500
To: Jacek Kopecky <jacek@jacek.cz>
Cc: Larry Masinter <masinter@adobe.com>, "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <OFE304EE50.FB3D0C38-ON852576CE.0076F494-852576CE.00771E84@lotus.com>

Jacek Kopecky writes:

> In other words, the email address is valid enough. 

How can we say that without some definition of what the security goals 
are, and what the threats are to be defended against?  I can see lots of 
cases in which it would indeed be "valid enough".  I can also imagine 
examples, perhaps involving DNS hijacking, in which the confirmation would 
be made by the same black hat that maliciously opened the email account in 
your name. 

Noah 


--------------------------------------
Noah Mendelsohn 
IBM Corporation
One Rogers Street
Cambridge, MA 02142
1-617-693-4036
--------------------------------------








Jacek Kopecky <jacek@jacek.cz>
Sent by: www-tag-request@w3.org
02/13/2010 07:11 AM
 
        To:     Larry Masinter <masinter@adobe.com>
        cc:     "www-tag@w3.org" <www-tag@w3.org>, (bcc: Noah 
Mendelsohn/Cambridge/IBM)
        Subject:        Re: "confirm subscribe" use case for "secret URI"


Larry, 

this also brings up a simpler case: confirmation of valid email address.
If the URI is ever resolved, it means the email address where the URI
was sent is read by someone or something. In other words, the email
address is valid enough. 

On the other hand, are the URIs in these cases really secret? It feels
like your point (b) goes against a requirement for secrecy.

Best regards,
Jacek Kopecky


On Thu, 2010-02-11 at 14:07 -0800, Larry Masinter wrote:
> the link to confirm subscription is:
> 
>  (a) one-time 
>  (b) accidental disclosure does not have a serious impact
>      and recoverable (can unsubscribe)
>  (c) misuse can be audited (web site, presumably, maintains
>      log of IP address of requester)
> 
> 
> So this is a positive use case for a "secret URI".
> 
> Larry
> --
> http://larry.masinter.net
> 
> 
> -----Original Message-----
> From: forum@unicode.org [mailto:forum@unicode.org] 
> Sent: Thursday, February 11, 2010 2:03 PM
> To: Larry Masinter
> Subject: Welcome to "The Unicode Consortium Discussion Forum"
> 
> Welcome to The Unicode Consortium Discussion Forum forums
> 
> Please keep this e-mail for your records. Your account information is as
> follows:
> 
> ----------------------------
> Username: masinter
> 
> Board URL: http://www.unicode.org/forum
> ----------------------------
> 
> Please visit the following link in order to activate your account:
> 
> http://www.unicode.org/forum/ucp.php?mode=activate&u=84&k=421T7N4NND 
> 
> Your password has been securely stored in our database and cannot be
> retrieved. In the event that it is forgotten, you will be able to reset 
it
> using the email address associated with your account.
> 
> Thank you for registering.
> 
> --
>

Received on Thursday, 18 February 2010 21:42:24 UTC