IETF Logo Mail Archive

[Gen-art] Confidentiality of lock information (BugZilla issue 260), was: [Fwd: Gen-art last call review of draft-ietf-webdav-rfc2518bis-17.txt]

Julian Reschke <julian.reschke@gmx.de> Sat, 17 February 2007 19:04 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HIUrc-0000yZ-6W; Sat, 17 Feb 2007 14:04:52 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HIUrb-0000uk-42 for gen-art@ietf.org; Sat, 17 Feb 2007 14:04:51 -0500
Received: from mail.gmx.net ([213.165.64.20]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HIUrY-0004oo-Ms for gen-art@ietf.org; Sat, 17 Feb 2007 14:04:51 -0500
Received: (qmail invoked by alias); 17 Feb 2007 19:04:47 -0000
X-Provags-ID: V01U2FsdGVkX19ohl1LOgNomvg3xhCFgB5xdkESEjPzzDWlNxbBYS 3hdw==
Message-ID: <45D751D1.7040809@gmx.de>
Date: Sat, 17 Feb 2007 20:04:49 +0100
From: Julian Reschke <julian.reschke@gmx.de>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.0.4) Gecko/20060516 Thunderbird/1.5.0.4 Mnenhy/0.7.4.666
MIME-Version: 1.0
To: WebDAV <w3c-dist-auth@w3.org>
References: <45BF4703.2010906@gmx.de> <45C5ACEC.4050304@gmx.de>
In-Reply-To: <45C5ACEC.4050304@gmx.de>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 52e1467c2184c31006318542db5614d5
Cc: gen-art@ietf.org
Subject: [Gen-art] Confidentiality of lock information (BugZilla issue 260), was: [Fwd: Gen-art last call review of draft-ietf-webdav-rfc2518bis-17.txt]
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org

Julian Reschke schrieb:
>> Potential security implications of lockdiscovery:  s6.8 requires a
>> compliant server to support lockdiscovery and expects the response to
>> this request to include the names of principals and potentially the lock
>> tokens for locks being held on a resource.  The privacy implications of
>> this are discussed in the Security Considerations but it does not appear
>> to be allowed to restrict or deny this request purely on security
>> grounds.  It is likely that some organizations might consider the
>> ability to determine who holds locks is a sensitive matter beyond just
>> issues of privacy, and the responses to lockdiscovery might be mediated
>> by access controls.
> 
> I agree that this is a problem. The change in RFC2518bis has been done
> in an early draft; I don't recall any discussion related to this, nor is
> this mentioned in the Changes section.
> 
> Opened issue:
> <http://ietf.osafoundation.org:8080/bugzilla/show_bug.cgi?id=260>
> ...

RFC2518 says in 
<http://greenbytes.de/tech/webdav/rfc2518.html#rfc.section.13.8>:

"The lockdiscovery property returns a listing of who has a lock, what 
type of lock he has, the timeout type and the time remaining on the 
timeout, and the associated lock token. The server is free to withhold 
any or all of this information if the requesting principal does not have 
sufficient access rights to see the requested data."

This was changed in RFC2518bis between drafts 1 and 2, and I'm not aware 
of any discussion about this, nor is this change recorded in the Changes 
section. Thus, it probably was unintentional, and I would recommend to 
restore the old text.

Best regards, Julian


_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email