IETF Logo Mail Archive

Re: [apps-discuss] Webfinger discussion

Bob Wyman <bob@wyman.us> Mon, 26 March 2012 18:31 UTC

Return-Path: <bobwyman@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8E2B21F85C4 for <apps-discuss@ietfa.amsl.com>; Mon, 26 Mar 2012 11:31:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.229
X-Spam-Level:
X-Spam-Status: No, score=-2.229 tagged_above=-999 required=5 tests=[AWL=0.748, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a8APJdTpDLU5 for <apps-discuss@ietfa.amsl.com>; Mon, 26 Mar 2012 11:31:31 -0700 (PDT)
Received: from mail-qc0-f172.google.com (mail-qc0-f172.google.com [209.85.216.172]) by ietfa.amsl.com (Postfix) with ESMTP id C5A0A21F85BD for <apps-discuss@ietf.org>; Mon, 26 Mar 2012 11:31:30 -0700 (PDT)
Received: by qcsq13 with SMTP id q13so4056261qcs.31 for <apps-discuss@ietf.org>; Mon, 26 Mar 2012 11:31:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=QscMxMqvAvzXewHNFyN0ddG2tgn5s6sNla/3tLGMTDc=; b=XVaa/KV3w4HszlXCavrIvfmh8qZPRDF2jHNcra7TcDq80HoMYj8rCJNc5uy2wskg5s XyX53mPmznMAbdfWvuI5cDmgz6tpdyvpIpxeMJKBS1mi0tiGTuK+db+U32EObhCKHtlm AsQUpY1n/h40RY1mcpLHnhdycT9SPUJ6ge/syKTrU5W2aJAXbao1tQsPDblEUa9yILYX SjKpGntUJF0xgoAatUeO+c4njdVIo6HT610/WBlz7eibzfHQ2k9GQOtxUFY/VbwwG40p PueyZOV7k1hJp2kg9Z2Qv4haRiAuE4SYRH8H1BTcAQ8mXF/6V5/x2gT1+Zlhg35Wd9Sy weVg==
MIME-Version: 1.0
Received: by 10.224.116.19 with SMTP id k19mr29109955qaq.59.1332786690219; Mon, 26 Mar 2012 11:31:30 -0700 (PDT)
Sender: bobwyman@gmail.com
Received: by 10.229.157.16 with HTTP; Mon, 26 Mar 2012 11:31:30 -0700 (PDT)
In-Reply-To: <20120326150556.GC3557@mail.yitter.info>
References: <053201cd0b5d$c08c80f0$41a582d0$@packetizer.com> <20120326150556.GC3557@mail.yitter.info>
Date: Mon, 26 Mar 2012 14:31:30 -0400
X-Google-Sender-Auth: _-BK5LmDu0CjFiwhUfbu0pFnYjE
Message-ID: <CAA1s49V0M7N1pLua+ORxGWmsrd_yAA_KQ0Piqjg8VuWJ5=G+Lg@mail.gmail.com>
From: Bob Wyman <bob@wyman.us>
To: Andrew Sullivan <ajs@anvilwalrusden.com>
Content-Type: multipart/alternative; boundary="20cf3074d9343b5c8c04bc29951a"
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] Webfinger discussion
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2012 18:31:31 -0000

On Mon, Mar 26, 2012 at 11:05 AM, Andrew Sullivan <ajs@anvilwalrusden.com>wrote:

> On Mon, Mar 26, 2012 at 10:35:54AM -0400, Paul E. Jones wrote:
>
> > > Andrew Sullivan: when I was a kid, they told us to turn off finger, so
> I'm
> > > concerned about security
> >
> > That was due to the fact the finger protocol implementations had security
> > holes.  It was also possible to do things like "ln /etc/password .plan"
> and
> > that was a bad thing :-)
>
> That wasn't the only reason they told us this.  One of the things that
> people used to worry about was that finger leaked information.  In
> particular, it was an excellent way to identify targets for account
> takeover: people who never logged in, and people who were in for
> endless days and therefore whose account was probably often
> unmonitored.
>
WebFinger has primarily been used for providing access to relatively static
data rather than for the kind of dynamic "presence" information that finger
was often used for. Thus, when folk are thinking about WebFinger, they are
usually considering use cases like "locating a user's blog," or "finding a
user's public key." However, there isn't anything in WebFinger that would
prevent providing dynamic data such as "current location (lat/long),"
"logged in state," or even "last command issued to bash..." (highly
un-recommended!). If people did, in fact, use WebFinger to record such
stuff, the concerns you mentioned would be relevant. Thus, it might make
sense for the Security Considerations section to suggest that one should
think carefully before using WebFinger to provide such dynamic information.


>
> Now, I never knew whether I believed this sort of complaint, but it
> was one, and the draft as it stands only just hints at the sort of
> analysis that ought to be done.  It seems like this requires a much
> expanded security considerations section, and that was the point I
> wanted to make.
>
> Best,
>
> A
>
> --
> Andrew Sullivan
> ajs@anvilwalrusden.com
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
>

v2.23.0 | Report a Bug | By Email