- From: David Morris <dwm@xpasc.com>
- Date: Mon, 5 Mar 2012 15:41:32 -0800 (PST)
- To: Ian Hickson <ian@hixie.ch>
- cc: HTTP Working Group <ietf-http-wg@w3.org>
>From what you've said, this appears to be a shared key system which provides marginal protection against abuse of the cache but with wide distribution of the key, it does seem to me to be providing a significant challange to abuse of the key. As I understand the suggested use case, a cache will have encrypted content placed there by the content owner (or agent) and then multiple users will be provided the URL and key for retrieval. Sounds pretty weak to me. On Mon, 5 Mar 2012, Ian Hickson wrote: > On Mon, Mar 5, 2012 at 10:09 AM, Poul-Henning Kamp <phk@phk.freebsd.dk>wrote: > > > > > I'm sorry, but IMO this is just security-theater, and it represents > > so terrible handling of key-material that it is deeply irresponsible > > to even mention it in a standards document, without a lengthy list > > of caveats and disclaimers. > > > > Could you elaborate on this? In particular, what risks do you believe exist > here given the scenario this is intended to address and given the list of > issues to consider already given in the specification? > > I'm eager to address any problems that exist with this proposal, but I am > failing to reconcile the proposal as I understand it with your assessment > of it above. > > -- > Ian Hickson >
Received on Monday, 5 March 2012 23:42:13 UTC