- From: Dan Connolly <connolly@w3.org>
- Date: Thu, 11 Feb 2010 13:56:28 -0600
- To: ashok.malhotra@oracle.com
- Cc: Larry Masinter <masinter@adobe.com>, Tyler Close <tyler.close@gmail.com>, Tim Berners-Lee <timbl@w3.org>, John Kemp <john@jkemp.net>, Jonathan Rees <jar@creativecommons.org>, "www-tag@w3.org" <www-tag@w3.org>, "Mark S. Miller" <erights@google.com>
On Wed, 2010-02-10 at 16:50 -0800, ashok malhotra wrote:
> Larry said ...
>
> "It *might* be possible to make secret URLs into a "yellow ribbon"
> security mechanism, if, for example, the "unguessable" part of the URL
> were clearly unguessable. (Random jumble of letters rather than, say,
> random quotes from literature, which might not look random.)"
>
> I agree with this. DanC says that secret URLs can be made as secure as
> password protection or more. I don't understand how. Perhaps DanC could
> elaborate.

I said passwords+cookies (which is the way passwords are almost
universally deployed in the web; nobody asks for your password for
_every_ HTTP request, and almost nobody uses MD5-auth or any of the
alternatives.)

Passwords+cookies don't protect against CSRF; unguessable URIs do.

"The attacker must determine the right values for all the form's or
URL's inputs: if any of them are required to be secret authentication
values or IDs that the attacker can't guess, the attack will fail."
-- http://en.wikipedia.org/wiki/Cross-site_request_forgery

--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E
Received on Thursday, 11 February 2010 19:56:31 UTC
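To make the cookie-versus-secret-URL distinction above concrete, here is an added simulation (an editor's illustration, not code from this thread or from any W3C project) that replays the same forged cross-site request against a server authorizing by session cookie and one authorizing by an unguessable URL token. The site name, session id, account balance and token length are constructed assumptions.

```python
import secrets
from urllib.parse import urlsplit, parse_qs

# Constructed simulation state (not real credentials or a real site).
SITE = "https://bank.example"
SESSION_ID = "s3ss10n-c00k13"                 # cookie set after password login
TRANSFER_TOKEN = secrets.token_urlsafe(32)    # random, unguessable URL segment
balances = {"alice": 100}

def browser_request(url, cookie_jar):
    """The browser attaches every cookie it holds for the site to any
    request for that site, whether the user's own page or an attacker's
    page caused the browser to make it."""
    return {"url": url, "cookies": dict(cookie_jar)}

def _amount(url):
    return int(parse_qs(urlsplit(url).query).get("amount", ["0"])[0])

def transfer_cookie_auth(req):
    """Password+cookie model: the session cookie alone authorizes the action."""
    if req["cookies"].get("sid") != SESSION_ID:
        return False
    balances["alice"] -= _amount(req["url"])
    return True

def transfer_secret_url(req):
    """Unguessable-URL model: the token in the path authorizes the action;
    cookies are ignored, so a forged request must carry the secret itself."""
    token = urlsplit(req["url"]).path.rsplit("/", 1)[-1]
    if not secrets.compare_digest(token, TRANSFER_TOKEN):
        return False
    balances["alice"] -= _amount(req["url"])
    return True

def simulate():
    """Run one cross-site forgery against both servers, then a legitimate use."""
    balances["alice"] = 100
    jar = {"sid": SESSION_ID}                 # Alice is logged in
    # Attacker's page makes Alice's browser load a URL of the attacker's choosing;
    # the cookie rides along, so the cookie-authorized server accepts it.
    forged = browser_request(f"{SITE}/transfer?amount=50", jar)
    cookie_csrf_succeeded = transfer_cookie_auth(forged)
    # Against the secret-URL server the attacker also needs the token, and the
    # best available move is a guess, which does not match.
    guess = secrets.token_urlsafe(32)
    forged = browser_request(f"{SITE}/transfer/{guess}?amount=50", jar)
    secret_url_csrf_blocked = not transfer_secret_url(forged)
    # The legitimate holder of the secret URL still succeeds.
    legit = browser_request(f"{SITE}/transfer/{TRANSFER_TOKEN}?amount=25", jar)
    legit_ok = transfer_secret_url(legit)
    return {"cookie_csrf_succeeded": cookie_csrf_succeeded,
            "secret_url_csrf_blocked": secret_url_csrf_blocked,
            "legit_secret_url_ok": legit_ok, "balance": balances["alice"]}
```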