- From: John Cowan <cowan@ccil.org>
- Date: Thu, 14 Dec 2006 10:40:39 -0500
- To: Marc de Graauw <marc@marcdegraauw.com>
- Cc: www-tag@w3.org, Alastair.Green@barclayscapital.com
Marc de Graauw scripsit:

> You are thinking about businesses setting up servers, but today's
> reality is a lot of individuals with high-bandwidth connections have web
> servers. If Grandpa publishes the photos of the last family weekend on
> his own webserver, can he protect it with a password in the clear? Or
> must he necessarily choose between publishing for the entire world
> and installing SSL on his server (or an alternative protection)?

Grandpa isn't alone. At least two major wire services (don't speak for them, no way nohow) protect their B2B news transmissions with PWitCs, and seem satisfied to do so. The loss from the occasional interceptor is small enough to tolerate, and isn't much of an economic loss anyhow, as such interceptors are not likely to become paying customers/members in any case. (Far more common are people who scrape news from public sites and put it on their own public site: these people *are* often willing to pay, when they are told they are doing wrong. Transmission security is of course useless here: only search-engine-assisted vigilance can possibly help.)

The Unicode Consortium, various ISO WGs, and the W3C itself put their member-confidential information behind PWitCs, sometimes even one shared by many people (quelle horreur!), and seem happy with the results.

My reputation as a Wikipedia editor is sufficiently protected with a simple PWitC -- most vandals just wreck pages under their own pseudonyms or IP addresses.

Online subscriptions to magazines, journals, and ebooks, including those published for profit, are generally protected by PWitCs.

The ability to post to a social-networking site in an authenticated way is protected by a PWitC.

Geeks quite often retrieve their files from remote locations using non-anonymous FTP, an inherently PWitC-using protocol.

In short, the only time that PWitCs are considered insufficient is when financial details change hands online, and then people want not only secure authentication but secure transmission as well.

> If we consider this from an economical perspective, passwords in the clear
> would be appropriate in cases where:
> - the value of the protected information is nil for a malicious intruder;

I don't think that's an issue. In most of the cases above, the information (or action, in the case of password-protected posting) is of some use to a malicious intruder, especially a motiveless one like a vandal.

> - the damage of publication of the protected information is practically nil,
> or at least very small, for the publisher.

This is the real point (note that in the case of credit-card numbers, it's the client who is the "publisher").

> Admittedly, most cases won't fulfil the second criterion, but some will.

I think that most cases do, and that requiring all these cases to use secure authentication serves no one's interests except those who charge a lot of money for certificates of authentication.

-- 
John Cowan http://www.ccil.org/~cowan <cowan@ccil.org>
You tollerday donsk? N. You tolkatiff scowegian? Nn.
You spigotty anglease? Nnn. You phonio saxo? Nnnn.
Clear all so! `Tis a Jute.... (Finnegans Wake 16.5)
Received on Thursday, 14 December 2006 15:41:01 UTC
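What "password in the clear" means on the wire, as an added example that is not part of the message above or of the www-tag thread: the two captures below are constructed for this illustration (the host `grandpa.example`, the user names, passwords and FTP commands are all invented), and the two functions show how little an interceptor has to do to recover an HTTP Basic credential or a non-anonymous FTP login from cleartext traffic. Nothing here speaks to the economic argument one way or the other; it only makes concrete what the interceptor in that argument gets.

```python
"""Recover credentials from cleartext HTTP Basic and FTP captures.

Added example, not part of the original e-mail. All traffic below is
constructed for the demonstration; no real hosts or accounts are involved.
"""
import base64
import binascii
from typing import Optional, Tuple

# Constructed sample: a cleartext HTTP request to a password-protected photo
# directory, with the password supplied via the Basic scheme.
HTTP_CAPTURE = (
    "GET /family/weekend/photos/ HTTP/1.1\r\n"
    "Host: grandpa.example\r\n"
    "Authorization: Basic Z3JhbmRwYTpwaG90b3MyMDA2\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "\r\n"
)

# Constructed sample: the client side of a non-anonymous FTP control session.
FTP_CAPTURE = (
    "USER geek\r\n"
    "PASS s3cret-files\r\n"
    "CWD /home/geek\r\n"
    "PASV\r\n"
)


def http_basic_credentials(request: str) -> Optional[Tuple[str, str]]:
    """Return (user, password) from an HTTP Basic Authorization header.

    Returns None when there is no Authorization header, when the scheme is
    not Basic, or when the token is not well-formed base64 "user:password".
    """
    for line in request.split("\r\n"):
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "authorization":
            continue
        scheme, _, token = value.strip().partition(" ")
        if scheme.lower() != "basic":
            return None
        try:
            # Basic auth is only base64-encoded, not encrypted: decoding is
            # all the "attack" there is.
            decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            return None
        user, colon, password = decoded.partition(":")
        if not colon:
            return None
        return user, password
    return None


def ftp_credentials(session: str) -> Optional[Tuple[str, str]]:
    """Return (user, password) from the USER/PASS commands of an FTP session.

    FTP sends both commands as plain text on the control channel, so an
    interceptor simply reads them off. Returns None unless a PASS follows a
    USER in the capture.
    """
    user = password = None
    for line in session.split("\r\n"):
        verb, _, arg = line.partition(" ")
        if verb.upper() == "USER":
            user = arg
        elif verb.upper() == "PASS" and user is not None:
            password = arg
            break
    if user is None or password is None:
        return None
    return user, password


if __name__ == "__main__":
    print("HTTP Basic:", http_basic_credentials(HTTP_CAPTURE))
    print("FTP:", ftp_credentials(FTP_CAPTURE))
```

Both functions work on whatever a passive observer of the TCP stream can see; the only thing that changes when the same request travels over TLS is that the observer never sees these bytes at all, which is the "secure transmission" the message distinguishes from "secure authentication".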