[cap-talk] Webkeys vs. the web

David-Sarah Hopwood david.hopwood at industrial-designers.co.uk
Tue Mar 31 19:53:27 EDT 2009


Karp, Alan H wrote:
> David-Sarah Hopwood wrote:
>> Alan Karp wrote:
>>> If what appears on a page can be tied to the path used to reach it,
>>> it should be safe to put on a page a link to any page that the user
>>> traversed on the path to that page.
>>
>> No, that's not safe. It would mean that following a link that is
>> supposed to attenuate authority, does not actually attenuate it.
>
> I don't understand.  I am proposing that a page consist of a static
> part and a dynamic part.  The static part has whatever the page designer
> wants it to have.  The dynamic part depends on the path used to reach
> the page and may have links to previously visited pages that have more
> authority. If I send you the URL for this page, you get all the authority
> available from the static part but none of the authority from the dynamic
> part.  Why doesn't that attenuate?

However, you can't give the *content* of the page to a subject that should
only have the attenuated authority. This is a useful thing to allow; also
note that the page content can potentially leak via an XSS attack or any
other browser exploit that can transmit content on the current page to an
attacker.

In any case, why is this necessary, given that the browser's Back button
and History window provide the same functionality? It seems like a lot
of complexity just to duplicate functionality that is already available
via those browser features (in a way that doesn't cause any problem in
giving the page content to another subject).

-- 
David-Sarah Hopwood ⚥



More information about the cap-talk mailing list