- From: Tyler Close <tyler.close@gmail.com>
- Date: Thu, 11 Feb 2010 16:51:42 -0800
- To: Dan Connolly <connolly@w3.org>
- Cc: Larry Masinter <masinter@adobe.com>, Tim Berners-Lee <timbl@w3.org>, John Kemp <john@jkemp.net>, "ashok.malhotra@oracle.com" <ashok.malhotra@oracle.com>, Jonathan Rees <jar@creativecommons.org>, "www-tag@w3.org" <www-tag@w3.org>, "Mark S. Miller" <erights@google.com>
I agree with Dan's response below and am just going to clarify what I meant by "legitimately directed", inline below...

On Thu, Feb 11, 2010 at 11:52 AM, Dan Connolly <connolly@w3.org> wrote:
> On Wed, 2010-02-10 at 15:05 -0800, Larry Masinter wrote:
>> > A user-agent
>> > MUST NOT disclose representations or URIs, unless either explicitly
>> > instructed to do so by the user or as legitimately directed to by
>> > presented content. Since the user may wish to keep this information
>> > confidential, the user-agent must not assume it can be revealed to
>> > third-parties.
>>
>> While I'm sympathetic to the intent, this leaves undefined
>> the scope of "user agent" here, referent of "the user",
>> and the meanings of "disclose", "legitimately", "confidential",
>> "assume" and "third-parties".
>
> Those are all sufficiently well-defined for me.

There are various standards, such as HTML, that cover what a user-agent is expected to do when presenting content. For example, presented content can reveal information to a third-party by using a <form> element to send information to another host. These documented APIs define what a user-agent may be "legitimately directed" to do by presented content.

An example of an illegitimate disclosure by presented content would require an attack on the security model commonly implemented in user-agents. For example, user-agents prevent presented content from reading the user's bookmarks without the user's consent. A bug that enabled presented content to gain such access would be a violation of the MUST NOT requirement quoted above.

There should be nothing controversial about the quoted draft text. It really only defines the difference between malware/spyware and the user-agent. Malware takes information without permission from the user.

>> Does "user agent" apply to,
>> say, archive.org (which might pick up a mailing list archive
>> of an email and scan what is supposed to be a 'private'
>> URL)?

The archive.org crawler is a user-agent acting under the direction of its user, the operators of archive.org. That user-agent is obeying its user's instructions to fetch content and share it with third parties. That crawler should only find one of my web-keys if my user-agent put it in a mailing list email under my instructions. A web-key may legitimately be passed from user to user, so long as each user-agent in the chain is acting under *its* user's instructions. There is no expectation that your user-agent obeys my instructions, instead of yours.

I'm surprised that this is not clear and seen as the normal state of the world.

--Tyler

--
"Waterken News: Capability security on the Web"
http://waterken.sourceforge.net/recent.html
Received on Friday, 12 February 2010 00:52:16 UTC