Re: CDNs for common-goods done right? from Sangwhan Moon on 2022-09-27 (www-tag@w3.org from September 2022)

From: Sangwhan Moon <sangwhan@iki.fi>
Date: Wed, 28 Sep 2022 03:37:54 +0900
To: www-tag@w3.org
Message-Id: <35e3d642-1048-4122-8934-b0e80c44e774@app.fastmail.com>

Original Message:
> Hello dear community around the TAG,
>
> In an effort to finalise the “conformance checks” that an education 
> ministry has required from a company I work for, privacy concerns have 
> had huge impacts. Among the biggest concerns, the fact that Content 
> Distribution Networks (CDNs) were used going to servers in far-away 
> countries for common-goods such as open-source projects (eg: jquery, 
> bootstrap) was considered inacceptable. Indeed a trial came out 
> recently saying that using Google fonts in a website without explicit 
> consent is a breach of the EU GPDR.
>
> My question is: There was a resource justification that said that using 
> such common-URLs is good for performance and resources limitation: An 
> already loaded and parsed CSS should only be used once and not 
> reloaded. Is there not a markup-based method to do this in normal 
> web-browsers?
>
> I would expect such common-goods to be identifiable as “always the 
> same” from any URL and “verifiable” by some signature mechanism and 
> they could thus be correctly cached and shared among sites without any 
> security concern. Cache-partitioning should not be needed just as it is 
> not needed for standards-conformant software parts of the browsers 
> (e.g. the http-stacks, the way JS is run…)
>
> This article of Tim Perry discourages CDNs for such 
> <https://httptoolkit.tech/blog/public-cdn-risks/> and the reasons are 
> security motivated. A peer-to-peer-like protocol is among the hopeful 
> bright futures. However, something based on http(s) sounds completely 
> accessible and much nearer.
>
> Did I miss a point?
> Was this already considered?
>
> I think that TAG or its community might know.

If I understand what you described correctly - the mechanism you are looking for sounds like subresource integrity (SRI). There are some notes around using this as a caching mechanism here: https://hillbrad.github.io/sri-addressable-caching/sri-addressable-caching.html

Normative language around caching and sharing behavior is a complex topic - some of which are explained in those notes. I don't think there have been any recent updates on that document though.

Sangwhan

Received on Tuesday, 27 September 2022 18:38:31 UTC