Timestamp:
15/01/14 17:14:38
Author:
julian.reschke@…
Message:

augment security considerations with pointers to current research (see #549)

File:
1 edited

  • draft-ietf-httpbis/latest/p6-cache.html

    r2531 r2547  
    451451  }
    452452  @bottom-center {
    453        content: "Expires July 7, 2014";
     453       content: "Expires July 19, 2014";
    454454  }
    455455  @bottom-right {
     
    495495      <meta name="dct.creator" content="Reschke, J. F.">
    496496      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p6-cache-latest">
    497       <meta name="dct.issued" scheme="ISO8601" content="2014-01-03">
     497      <meta name="dct.issued" scheme="ISO8601" content="2014-01-15">
    498498      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    499499      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. This document defines HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages.">
     
    521521            </tr>
    522522            <tr>
    523                <td class="left">Expires: July 7, 2014</td>
     523               <td class="left">Expires: July 19, 2014</td>
    524524               <td class="right">J. Reschke, Editor</td>
    525525            </tr>
     
    530530            <tr>
    531531               <td class="left"></td>
    532                <td class="right">January 3, 2014</td>
     532               <td class="right">January 15, 2014</td>
    533533            </tr>
    534534         </tbody>
     
    557557            in progress”.
    558558         </p>
    559          <p>This Internet-Draft will expire on July 7, 2014.</p>
     559         <p>This Internet-Draft will expire on July 19, 2014.</p>
    560560      </div>
    561561      <div id="rfc.copyrightnotice">
     
    19301930            caching. More general security considerations are addressed in HTTP messaging <a href="#Part1" id="rfc.xref.Part1.11"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> and semantics <a href="#Part2" id="rfc.xref.Part2.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
    19311931         </p>
    1932          <p id="rfc.section.8.p.2">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious
     1932         <p id="rfc.section.8.p.2">The list of considerations below is not exhaustive — security analysis in an ongoing activity. Various organizations, such
     1933            as the "Open Web Application Security Project" (OWASP, &lt;<a href="https://www.owasp.org/">https://www.owasp.org/</a>&gt;), provide information about current research.
     1934         </p>
     1935         <p id="rfc.section.8.p.3">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious
    19331936            exploitation. Because cache contents persist after an HTTP request is complete, an attack on the cache can reveal information
    19341937            long after a user believes that the information has been removed from the network. Therefore, cache contents need to be protected
    19351938            as sensitive information.
    19361939         </p>
    1937          <p id="rfc.section.8.p.3">In particular, various attacks might be amplified by being stored in a shared cache; such "cache poisoning" attacks use the
     1940         <p id="rfc.section.8.p.4">In particular, various attacks might be amplified by being stored in a shared cache; such "cache poisoning" attacks use the
    19381941            cache to distribute a malicious payload to many clients, and are especially effective when an attacker can use implmentation
    19391942            flaws, elevated priviledges or other techniques to insert such a response into a cache. One common attack vector for cache
    19401943            poisoning is to exploit differences in message parsing on proxies and in user agents; see <a href="p1-messaging.html#message.body.length" title="Message Body Length">Section 3.3.3</a> of <a href="#Part1" id="rfc.xref.Part1.12"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> for the relevant requirements.
    19411944         </p>
    1942          <p id="rfc.section.8.p.4">Likewise, implementation flaws (as well as misunderstanding of cache operation) might lead to caching of sensitive information
     1945         <p id="rfc.section.8.p.5">Likewise, implementation flaws (as well as misunderstanding of cache operation) might lead to caching of sensitive information
    19431946            (e.g., authentication credentials) that is thought to be private, exposing it to unauthorized parties.
    19441947         </p>
    1945          <p id="rfc.section.8.p.5">Furthermore, the very use of a cache can bring about privacy concerns. For example, if two users share a cache, and the first
     1948         <p id="rfc.section.8.p.6">Furthermore, the very use of a cache can bring about privacy concerns. For example, if two users share a cache, and the first
    19461949            one browses to a site, the second may be able to detect that the other has been to that site, because the resources from it
    19471950            load more quickly, thanks to the cache.
    19481951         </p>
    1949          <p id="rfc.section.8.p.6">Note that the Set-Cookie response header field <a href="#RFC6265" id="rfc.xref.RFC6265.1"><cite title="HTTP State Management Mechanism">[RFC6265]</cite></a> does not inhibit caching; a cacheable response with a Set-Cookie header field can be (and often is) used to satisfy subsequent
     1952         <p id="rfc.section.8.p.7">Note that the Set-Cookie response header field <a href="#RFC6265" id="rfc.xref.RFC6265.1"><cite title="HTTP State Management Mechanism">[RFC6265]</cite></a> does not inhibit caching; a cacheable response with a Set-Cookie header field can be (and often is) used to satisfy subsequent
    19501953            requests to caches. Servers who wish to control caching of these responses are encouraged to emit appropriate Cache-Control
    19511954            response header fields.
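Review bot: the added sentence in the new rfc.section.8.p.2 has a grammar slip: "security analysis in an ongoing activity" should read "security analysis is an ongoing activity". Two further points in this hunk. First, the OWASP pointer is emitted as a bare inline URL (`&lt;<a href="https://www.owasp.org/">https://www.owasp.org/</a>&gt;`) while every other citation in this section goes through the document's reference machinery (`<a href="#RFC6265" id="rfc.xref.RFC6265.1"><cite title="HTTP State Management Mechanism">[RFC6265]</cite></a>`); consider adding OWASP as an informative reference and citing it the same way so it shows up in the references section and gets checked with the other links. Second, the unchanged context lines of the renumbered rfc.section.8.p.4 still carry the misspellings "implmentation" and "priviledges" ("implementation", "privileges"); since this paragraph is already being touched, fixing them in the same change would be cheap.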
     
    21732176               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/542">http://tools.ietf.org/wg/httpbis/trac/ticket/542</a>&gt;: "improve introduction of list rule"
    21742177               </li>
     2178               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/549">http://tools.ietf.org/wg/httpbis/trac/ticket/549</a>&gt;: "augment security considerations with pointers to current research"
     2179               </li>
    21752180            </ul>
    21762181            <p id="rfc.section.D.2.p.2">Partly closed issues: </p>
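Review bot: the new list item for ticket 549 quotes the ticket title ("augment security considerations with pointers to current research"), but the text added in this changeset supplies a single pointer (OWASP) and the commit message only says "see #549", so confirm the ticket is genuinely closed by this change; if more pointers are still expected, the entry belongs in the "Partly closed issues" list that follows (rfc.section.D.2.p.2) rather than here.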