[cap-talk] Webkeys vs. the web
Karp, Alan H
alan.karp at hp.com
Thu Apr 2 12:39:27 EDT 2009
Sam Mason wrote:
>
> I'm unsure what you mean here; do you mean that authority conveying
> links should not appear in the HTML source even if they're in, say, a
> hidden field that only gets revealed after the user clicks on a "Copy
> this Link". I'd say it's OK for this to occur; but it's not good if
> a link can be copied and pasted without some designating action being
> performed first.
Fair enough.
>
> There are two general purpose designating actions that spring to mind;
>
> 1) the user clicking a "Copy this Link" button.
Do you mean right-click Copy Link Address? If so, that's one concern.
>
> 2) the user selecting "View Source" from the menu button to show the
> HTML source.
>
I'm not so worried about this one.
Of course, the biggest problem is people sharing the webkey in the address bar who end up granting authorities carried by links on the page.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list