Re: TAXONOMY: Security considerations

From: Joe Touch (touch@ISI.EDU)
Date: Tue Jun 15 1999 - 10:54:24 MDT


> From owner-wrec@cs.utk.edu Sun Jun 6 11:51:50 1999
> Date: Sun, 06 Jun 1999 11:45:37 -0700
> From: William Maggs <bill@inktomi.com>
> To: Ingrid Melve <Ingrid.Melve@uninett.no>
> CC: wrec@cs.utk.edu, garyt@novell.com
> Subject: Re: TAXONOMY: Security considerations
>
> I think security for proxy caches is a subject that would be really useful
> to spend WG time on, and perhaps even talk about it in Oslo. Is this
> premature, meaning we should stick to the docs we will be
> reviewing/presenting, before initiating a separate discussion about
> security? What do you think about it as an agenda item for July?
>
> I have been trying to think about a long-term approach to proxy security in
> my own job. I think your point is well-made; there is no analogy to web
> server (or other host) security, because of all the info about clients as
> well as servers held by the proxy. The analogy would be to network elements
> like routers, but with the stringency applied to web and other servers end
> to end crypto of everything would make caching perhaps too hard to justify it
> as a useful service.

The primary problem with web security is that caching is,
by its nature, a replay 'attack,' based (at some level)
on spoofing.

As a result, it might be useful to separate authentication,
privacy, and service security issues.

I.e., for each item proposed, to discuss whether it compromises
known techniques for each type of security.

Joe


