[7316] in www-talk@info.cern.ch
Re: Privacy policy as a protocol issue
daemon@ATHENA.MIT.EDU (Phillip M. Hallam-Baker)
Mon Jan 23 07:44:27 1995
Date: Mon, 23 Jan 1995 13:04:23 +0100
Errors-To: listmaster@www0.cern.ch
Reply-To: hallam@dxal18.cern.ch
From: "Phillip M. Hallam-Baker" <hallam@dxal18.cern.ch>
To: Multiple recipients of list <www-talk@www0.cern.ch>
>Are there any other policy areas that would benefit from protocol support- the
>whole area can get pretty murky pretty fast. Comments?
There are a mass of such questions in the security field. In order to get a
conviction for hacking it is usualy necessary to prove intent. Certainly with
the Web this is a big problem because it is impossible to prove that the person
who just read a page was not tricked into it.
Password and key protection does not help here. Consider the scenario where
Mallet cracks secret@spook.com and attaches the key he has discovered to an
innocent bit of HTML puporting to be about flowers. Alice then follows this
link and is arrested for hacking :-(
What is needed is the ability to put up a warning notice when a person
attempts to enter a site for the first time in a session [might be multiple
HTTP connections though, this is where the anon-session-id comes in]
The anaon session ID is simply a cryptographic (eg MD5) hash of a load of
garbage that produces a key specific to a particular browser session. Here
session would normally mean `running' the program but since this has no
usefull analogy in a persistent system session is better.
If you object to jailing the blighters I suggest you forget about the cute n'
cuddly reports in the papers. In one case I was involved in the hacker first
sent out a barrage of insulting garbage from the stolen account [which was
not much of a problem], then tried to obtain large sums of money by deception
and finaly threatened a series of frivolous lawsuits. In between he harassed
the famillies of a number of people trying to nab him.
For the log options I would suggest that the system be bassed on the MAC
standards avaliable from the NSA. It should be possible to use the Web to track
the readership of various documents. This is not just a security issue. In
ISO-9000 there are a large number of documents which individuals must
acknowledge reciept of >and reading< - The two arn't the same. Even having
viewed a document does not mean I have read it, it would be very nice if my
mail/newsreader allowed me to add documents into a "pending" file (watch
this space :-).
--
Phillip M. Hallam-Baker
Not Speaking for anyone else.
