[44351] in Cypherpunks
Re: Barring access to Netscape
daemon@ATHENA.MIT.EDU (Simon Spero)
Fri Dec 1 03:49:32 1995
Date: Fri, 1 Dec 1995 00:49:26 -0800 (PST)
From: Simon Spero <ses@tipper.oit.unc.edu>
To: Ed Carp <ecarp@netcom.com>
Cc: cypherpunks@toad.com
In-Reply-To: <199512010738.BAA17804@khijol>
On Fri, 1 Dec 1995, Ed Carp wrote:
> I believe that Netscape uses "Mozilla" as their keyword when
> exchanging browser-specific information.
The field is User-Agent. However, blocking access to users of Navigator
isn't a particularly useful thing to do. If you must do something, why
not modify your GET handler to add a header to the start of all html
pages informing people of the problem, and suggesting alternatives.
Someone else [I can't remember, but I'll call them Alice] claimed that the
security problems showing up were part of a deliberate conspiracy. To
anyone who knows anything about the history of these things knows how
absurd this is. The principals at Netscape are a nice bunch of really
guys, but were not really up to speed on issues like security and
networking- for example, the first incarnation of SSL had an RC4 stream
running with no checksumming whatsoever. The security problems that
resulted are due to the learning curve.
Simon
