Re: Tracking through cache abuse

Mark Nottingham <mnot@mnot.net> Mon, 25 July 2011 18:59 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E13321F841D for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 25 Jul 2011 11:59:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.508
X-Spam-Level:
X-Spam-Status: No, score=-9.508 tagged_above=-999 required=5 tests=[AWL=1.091, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JHH0-5FLG9ge for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 25 Jul 2011 11:59:06 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id AEC9E21F8BE0 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 25 Jul 2011 11:59:06 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.69) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1QlQMh-0006wb-V8 for ietf-http-wg-dist@listhub.w3.org; Mon, 25 Jul 2011 18:58:56 +0000
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.69) (envelope-from <mnot@mnot.net>) id 1QlQMa-0006vg-Fi for ietf-http-wg@listhub.w3.org; Mon, 25 Jul 2011 18:58:48 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by lisa.w3.org with esmtp (Exim 4.72) (envelope-from <mnot@mnot.net>) id 1QlQMY-0006EX-E9 for ietf-http-wg@w3.org; Mon, 25 Jul 2011 18:58:47 +0000
Received: from dhcp-5744.meeting.ietf.org (unknown [130.129.87.68]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 3645F22E25C; Mon, 25 Jul 2011 14:58:25 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="iso-8859-1"
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <redr271mt9er45npjo41fnrrup8unur4u3@hive.bjoern.hoehrmann.de>
Date: Mon, 25 Jul 2011 14:58:24 -0400
Cc: ietf-http-wg@w3.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <44F659D2-00A2-496E-B224-991E60B8A354@mnot.net>
References: <redr271mt9er45npjo41fnrrup8unur4u3@hive.bjoern.hoehrmann.de>
To: Bjoern Hoehrmann <derhoermi@gmx.net>
X-Mailer: Apple Mail (2.1084)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-1.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1QlQMY-0006EX-E9 84acea68120dfa32e96795df966bc122
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Tracking through cache abuse
Archived-At: <http://www.w3.org/mid/44F659D2-00A2-496E-B224-991E60B8A354@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/11078
X-Loop: ietf-http-wg@w3.org
Sender: ietf-http-wg-request@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Resent-Message-Id: <E1QlQMh-0006wb-V8@frink.w3.org>
Resent-Date: Mon, 25 Jul 2011 18:58:55 +0000

Hi Bjoern,

Can you suggest text? Seems it would need to be in p2 (redirects), p4 (conditional) as well as p6 (caching).

Cheers,


On 25/07/2011, at 2:54 PM, Bjoern Hoehrmann wrote:

> Hi,
> 
>  http://tools.ietf.org/html/draft-ietf-httpbis-p6-cache-15 currently
> does mention that "Because cache contents persist after an HTTP request
> is complete, an attack on the cache can reveal information long after a
> user believes that the information has been removed from the network",
> but does not seem to address privacy issues that go along with that.
> 
> "Evercookie" for instance abuses the ETag header as tracking mechanism,
> and specially crafted cached resources to the same end; others abuse 301
> redirects, and there are other features that can be abused this way. The
> draft should note this as a general problem and cite some of the things
> we know about as examples.
> 
> regards,
> -- 
> Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
> Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
> 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
> 

--
Mark Nottingham   http://www.mnot.net/