Re: Eric Rescorla's Discuss on draft-ietf-httpbis-cdn-loop-01: (with DISCUSS and COMMENT)

> On 21 Dec 2018, at 12:13 pm, Mark Nottingham <mnot@mnot.net> wrote:
> 
>> We have a situation with two alternate topologies:
>> 
>> 1.  A -> B -> Origin
>> 2.  A ->  Origin
>> 
>> The original HTTP client (i.e., an external attacker on the Internet) sends a request with a CDN-Loop header containing B. In topology (1) this causes some kind of failure and in topology (2) it does not, thus leaking the topology.
> 
> Ah - so you're saying that 'A' is also a CDN, not the user-agent?
> 
> If the answer is 'yes', I understand; will add some text.

I've added:

"""
A CDN's use of the CDN-Loop header field might expose its presence. For example, if CDN A is configured to forward its requests to CDN B for a given origin, CDN B's presence can be revealed if it behaves differently based upon the presence of the CDN-Loop header field.
"""


--
Mark Nottingham   https://www.mnot.net/

Received on Friday, 21 December 2018 02:40:41 UTC
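
The topology leak discussed in this thread can be modelled as a self-check, shown here as an added example (not code from the draft or from either participant). The ids `cdn-a` and `cdn-b`, the 508 status used to refuse a detected loop, and the assumption that a CDN relays its upstream's status unchanged are all choices made for this illustration.

```python
# Added illustration. The ids "cdn-a"/"cdn-b" and the 508 status are assumptions.

def parse_cdn_loop(value):
    """Return the cdn-id of each CDN-Loop member, dropping parameters.

    Simplification: a quoted-string parameter containing "," is not handled.
    """
    ids = []
    for member in value.split(","):
        cdn_id = member.split(";", 1)[0].strip()
        if cdn_id:
            ids.append(cdn_id)
    return ids


class Cdn:
    def __init__(self, cdn_id, upstream=None):
        self.cdn_id = cdn_id
        self.upstream = upstream  # next Cdn in the chain, or None for the origin

    def handle(self, headers):
        seen = parse_cdn_loop(headers.get("CDN-Loop", ""))
        if self.cdn_id in seen:
            return 508  # own id already present: treat as a loop and refuse
        forwarded = {**headers, "CDN-Loop": ", ".join(seen + [self.cdn_id])}
        if self.upstream is None:
            return 200  # origin answers normally
        return self.upstream.handle(forwarded)  # relay upstream's status unchanged


def leaks_presence(entry, token):
    """True if a client-supplied CDN-Loop token changes the observable status."""
    baseline = entry.handle({})
    probed = entry.handle({"CDN-Loop": token})
    return baseline != probed


TOPOLOGY_1 = Cdn("cdn-a", upstream=Cdn("cdn-b"))  # A -> B -> Origin
TOPOLOGY_2 = Cdn("cdn-a")                          # A -> Origin

if __name__ == "__main__":
    for name, entry in (("A -> B -> Origin", TOPOLOGY_1), ("A -> Origin", TOPOLOGY_2)):
        print(name, "distinguishable:", leaks_presence(entry, "cdn-b"))
```

The differing result between the two topologies is the behaviour the added Security Considerations text describes: CDN B reacts to a header value that CDN A passed through.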