- From: Werner Baumann <werner.baumann@onlinehome.de>
- Date: Thu, 19 Sep 2013 20:34:08 +0200
- To: ietf-http-wg@w3.org
+1 Werner Am Thu, 19 Sep 2013 07:39:04 +0200 schrieb Willy Tarreau <w@1wt.eu>: > I'd rather go with something much more generic in fact, like the > following idea : > > "HTTP/1.1 is used for virtually every communication over the Internet > today and as such is the target of many attacks : > - passive interception attacks : the protocol is transported in > clear text and may be passively intercepted by any party. This > weakness has recently been magnified by the wide deployment of WiFi > networks. Encryption may help reduce these risks if properly > implemented. > > - active interception attacks (man in the middle) : the protocol > offers no authentication of both ends, making it sensible to > transparent proxying, which is used by many internet service > providers to deliver cached contents and may be used by attackers to > modify the traffic on the fly. Encryption with end-to-end > authentication may help reduce these risks if properly implemented. > > - server-side attacks : log files may contain a lot of sensible > information and are the target of some break-in attempts. Contents > are also modified by attackers to deliver malware to many end users. > These attacks are not related to the protocol but to its > implementations and its wide deployment. > > - proxy-side attacks : corporate proxy logs are generally > accessible to a few people who are in contact with the end users. > Accessing these logs can become a privacy concern if browsing habits > are disclosed among coworkers. > > - client-side attacks : malware running in browsers retrieve all > contents in clear text before they leave the browser, and modify > responses before they're displayed to the user. This is widely used > to attack bank accounts and is not related to the protocol but to its > implementations and its wide deployment. > > Implementors should be aware of these threats and consider them > carefully when designing a new implementation. Encryption only solves > the transport issue between trusted parties if reciprocal > authentication is enforced, but does not address the security of the > end points themselves. Logs are required to address technical issues > but should not reveal too much information. Agents should disclose > the least possible information about the users and only when > absolutely needed, as these information may still end in a network > capture or log file somewhere. " > > Willy > >
Received on Thursday, 19 September 2013 18:34:44 UTC