[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure Cookies (was: Re: lynx-dev 2.8.3rel SSL problems -traces inlc

From: David Woolley
Subject: Re: Secure Cookies (was: Re: lynx-dev 2.8.3rel SSL problems -traces inlcuded)
Date: Mon, 3 Dec 2001 07:08:54 +0000 (GMT)

> What is a secure cookie?  Handshaking plus encryption?

A cookie that can only be sent to a site over a secure connection,
presumably because it contains sensitive information.

> Is redirecting from a secure https://login.server to an unsecure
> http://content.server a Bad Thing?  If not, can anybody point me

It confuses users by making them think they are talking to
something secure when they are not (or generates lots of 
warnings about this).

Any information sent to a non-secure site violates the no write down
principle of security, i.e. any information held by a secure system should
be treated as tainted by the secure information that it holds.  This also
applies to talking to you at all if it serves other people, so it has to
be compromised for any realistic e-commerce system!  Total dispensation
from this principle requires a level of trust in the software that is
not realistic for nearly all software, let alone e-commerce software.

> to an RFC-like object that codifies the SHOULDs, MAYs and MUSTs
> of the transaction?  If not, is there a list concensus on
> real-world conditions in this area?

The web essentially ignores the existing RFC on cookies, still
using a less secure Netscape standard.  You can't really expect
standards here - one is talking of good practice.

There are a lot of dodgy things that happen with SSL; one gets sites
that use a different domain name for their secure server, when the
correlation of the domain name is the only indication that the 
insecure site you started with hasn't been hijacked by a man in the
middle who is substituting their secure site for the real one.  I
believe Lynx is not safe against man in the middle attacks of the
secure site, as it apparently doensn't authenticate the site.

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]