W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2010

RE: Security considerations for DNS rebinding

From: Blake Frantz <bfrantz@cisecurity.org>
Date: Tue, 9 Feb 2010 12:50:20 -0600
To: Adam Barth <w3c@adambarth.com>, Tim <tim-projects@sentinelchicken.org>
CC: Maciej Stachowiak <mjs@apple.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <4C374A2653EB5E43AF886CE70DFC567213CECB5CC9@34093-MBX-C03.mex07a.mlsrvr.com>

>
> On the other hand, Host header checking is effective, and it seems
> valuable for HTTPbis to recommend it to server implementors.
>
 
I agree.

Received on Tuesday, 9 February 2010 18:51:22 UTC

This message: [ Message body ]
Next message: Maciej Stachowiak: "Re: Security considerations for DNS rebinding"
Previous message: Maciej Stachowiak: "Re: Security considerations for DNS rebinding"
In reply to: Adam Barth: "Re: Security considerations for DNS rebinding"
Next in thread: Justin Erenkrantz: "Re: Security considerations for DNS rebinding"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search the archives ]

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:21 UTC