- From: Trevor Perrin <trevp@trevp.net>
- Date: Sat, 03 May 2003 13:14:58 -0700
- To: Simon Josefsson <jas@extundo.com>, "Clive D.W. Feather" <clive@demon.net>
- Cc: uri@w3.org

At 09:00 PM 5/3/2003 +0200, Simon Josefsson wrote:

>"Clive D.W. Feather" <clive@demon.net> writes:
>
> > A key fingerprint for the server is perhaps a useful thing, much more than
> > a hash of the document. But doesn't https give you that via another path
> > already? I'm not convinced that putting the key into every URL is the right
> > approach.
>
>It isn't. It is only useful if the URI you received is signed data.

To elaborate a bit: it's useful if the URI is received over any "secure channel". This might be:

- an XML-DSIG signed document
- a PGP or S/MIME-signed mail
- an HTML page from an HTTP server on your intranet (assuming you trust your intranet and LAN)
- an HTML page from an HTTPS server with a Verisign cert
- an HTML page from an HTTPS server whose cert fingerprint matches a secure URL (i.e. you could follow secure URL links from one page to another)
- an HTML page from an HTTP server, where the page's sha1 hash matches a secure URL (" " " ")
- an HTML page from an untrusted HTTP server (a calculated risk/leap of faith - "as long as no-one is spoofing me right now, then by remembering this secure URL I'll be impervious to spoofing of the URL in the future")
- a file transferred manually (handing over a disk or something)
- a piece of paper (ugly but doable - a sha1 fingerprint will add about 30 characters to the URL)

etc..

> > Both hashes and key fingerprints, however, merely move the problem one step
> > back - how do you know the URL contains the right hash/key? However you
> > solve that problem, why not apply it directly to the content?
>
>In some cases size is the limiting factor.

Also, the content may be dynamic - bookmarking the URL + SSL fingerprint for your bank's website will let you visit securely again and again, having the fingerprint and URL for my PGP key will let you have a long-running conversation with me, etc..

Imagine a federation of web sites linked together with secure URLs, and containing documents of all sorts (movies, pictures, etc.). Once you go through the trouble to get a secure URL to any page in the federation, then you can navigate throughout the rest of it entirely on secure links. Thus you can get the first secure URL through some limited secure channel (type it in from a magazine, email from a friend, leap of faith, etc.), but then securely navigate a wealth of resources..

Trevor

Received on Saturday, 3 May 2003 17:18:07 UTC
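
The link-following idea in the message above, sketched as an added example (not code from the thread or its participants): one secure URL obtained out of band is enough to verify every page reachable through further secure links, and a substituted page is rejected. The `;sha1=` suffix syntax, the base32 encoding (32 characters for a SHA-1 digest) and all function names are assumptions made for illustration; SHA-1 is used because the message names it, and a current design would use SHA-256.

```python
import base64
import hashlib
import re

# Hypothetical syntax (an assumption, not from the thread): <url>;sha1=<base32 digest>
SECURE_URL = re.compile(r"^(?P<url>[^;\s]+);sha1=(?P<fp>[A-Z2-7]{32})$")
LINK = re.compile(r'href="([^"]+)"')

def fingerprint(content: bytes) -> str:
    """SHA-1 digest in base32: 20 bytes become 32 characters."""
    return base64.b32encode(hashlib.sha1(content).digest()).decode("ascii")

def secure_url(url: str, content: bytes) -> str:
    return f"{url};sha1={fingerprint(content)}"

def fetch_verified(link: str, fetch) -> bytes:
    """Fetch over an untrusted channel; accept the bytes only if they match the link."""
    m = SECURE_URL.match(link)
    if m is None:
        raise ValueError(f"not a secure URL: {link}")
    content = fetch(m["url"])
    if fingerprint(content) != m["fp"]:
        raise ValueError(f"fingerprint mismatch for {m['url']}")
    return content

def crawl(root_link: str, fetch) -> dict:
    """Start from one secure URL obtained out of band and follow only secure links."""
    verified, queue = {}, [root_link]
    while queue:
        link = queue.pop()
        url = link.split(";", 1)[0]
        if url in verified:
            continue
        page = fetch_verified(link, fetch)
        verified[url] = page
        links = LINK.findall(page.decode("utf-8", "replace"))
        queue.extend(l for l in links if SECURE_URL.match(l))  # plain links are not followed
    return verified

def build_sample_web():
    """Constructed sample data, built leaf-first: each page embeds its children's hashes."""
    movie = b"<p>movie bytes</p>"
    gallery = f'<a href="{secure_url("http://b.example/movie", movie)}">movie</a>'.encode()
    home = f'<a href="{secure_url("http://b.example/gallery", gallery)}">gallery</a>'.encode()
    web = {"http://a.example/": home, "http://b.example/gallery": gallery,
           "http://b.example/movie": movie}
    return web, secure_url("http://a.example/", home)

if __name__ == "__main__":
    web, root = build_sample_web()
    print(root, sorted(crawl(root, web.__getitem__)))
```

Because each page embeds the hashes of the pages it links to, the scheme as sketched only covers static content; the dynamic case in the message (a bank site, a PGP key) needs the key-fingerprint variant instead.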