Timestamp:
Jan 19, 2013, 6:45:56 AM
Author:
fielding@…
Message:

add a security consideration for entity-tag tracking

File:
1 edited

  • draft-ietf-httpbis/latest/p4-conditional.html

    r2129 r2130  
    12071207      <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;<a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>
    12081208      <p id="rfc.section.7.p.1">This section is meant to inform developers, information providers, and users of known security concerns specific to the HTTP/1.1
    1209          conditional request mechanisms. No additional security considerations have been identified beyond those applicable to HTTP
    1210          messaging <a href="#Part1" id="rfc.xref.Part1.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> and semantics <a href="#Part2" id="rfc.xref.Part2.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
     1209         conditional request mechanisms. More general security considerations are addressed in HTTP messaging <a href="#Part1" id="rfc.xref.Part1.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> and semantics <a href="#Part2" id="rfc.xref.Part2.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
    12111210      </p>
    12121211      <p id="rfc.section.7.p.2">The validators defined by this specification are not intended to ensure the validity of a representation, guard against malicious
     
    12141213         writes when all participants are behaving nicely. At worst, the conditions will fail and the client will receive a response
    12151214         that is no more harmful than an HTTP exchange without conditional requests.
     1215      </p>
     1216      <p id="rfc.section.7.p.3">An entity-tag can be abused in ways that create privacy risks. For example, a site might deliberately construct a semantically
     1217         invalid entity-tag that is unique to the user or user agent, send it in a cacheable response with a long freshness time, and
     1218         then read that entity-tag in later conditional requests as a means of re-identifying that user or user agent. Such an identifying
     1219         tag would become a persistent identifier for as long as the user agent retained the original cache entry. User agents that
     1220         cache representations ought to ensure that the cache is cleared or replaced whenever the user performs privacy-maintaining
     1221         actions, such as clearing stored cookies or changing to a private browsing mode.
    12161222      </p>
    12171223      <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a>&nbsp;<a id="acks" href="#acks">Acknowledgments</a></h1>
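Review bot: In the new paragraph rfc.section.7.p.3, the example's emphasis on "a cacheable response with a long freshness time" understates the lifetime of the identifier, because a cache sends the stored entity-tag in a conditional request precisely when the entry is stale and needs revalidation, so the freshness lifetime does not bound how long the tag is replayed; the following sentence ("for as long as the user agent retained the original cache entry") already has the right bound, and the example should match it, e.g. "send it in a cacheable response, and then read that entity-tag in later conditional requests (including revalidations of a stale entry)". It would also help to say why the defence is placed on cache lifetime rather than on validating the tag: since an entity-tag is opaque, a user agent cannot tell a tracking tag from a legitimate one by inspection, which is what makes clearing or replacing the cache on privacy-maintaining actions the only effective user-agent-side mitigation. The rewording of p.1 is consistent with this addition, since the old "No additional security considerations have been identified" sentence would now be false.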