- From: Thomas Roessler <tlr@w3.org>
- Date: Thu, 17 Nov 2005 11:36:33 +0100
- To: public-rdf-dawg-comments@w3.org
- Cc: Rigo Wenning <rigo@w3.org>
Hello, I notice that section 3 of the current SPARQL protocol draft [1] suggests non-anonmyized logging of queries in what seems to be normative text: [[ Further, since SPARQL query processing services may make HTTP requests of other origin servers on behalf of its clients, it may be used as a vector of attacks against other sites or services. In this case, since it's acting, effectively, as a proxy for a third-party client, it is important to avoid anonymizing the client requests such that valid forensic tracing is impeded. SPARQL query processing services SHOULD log client requests in such a way as to avoid anonymizing them with regard to third-party origin servers or services, and they should do so in keeping with the Privacy considerations discussed below. ]] -- http://www.w3.org/TR/2005/WD-rdf-sparql-protocol-20050914/#policy-security What is being logged, and how, strikes me as a typical local policy decision that should be out of scope for the SPARQL spec (the spec certainly shouldn't include normative language on this topic); at the same time, the suggested logging is a poor remedy for the thread that is being discussed. How about the following instead? [[ SPARQL query processing services may make HTTP requests of other origin servers on behalf of clients, effectively acting as a proxy for a third-party client. This ability may lead to an abuse of SPARQL query processing services as an attack vector. Services MAY place restrictions on the resources that they retrieve, or on the rate at which external resources can be retrieved. In keeping with the privacy considerations discussed below, SPARQL query processing services MAY elect to log client requests that lead to HTTP requests of other origin servers, in order to facilitate tracing of attacks. ]] (One could go further in discussing the kinds of restrictions that may be placed -- such as refusing to send HTTP requests to printers on port 631 --, but I'm not convinced that this will be very useful here.) Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Thursday, 17 November 2005 10:36:37 UTC