[cap-talk] Webkeys vs. the web

Karp, Alan H alan.karp at hp.com
Tue Mar 31 20:09:12 EDT 2009


David-Sarah Hopwood wrote:
> 
> However, you can't give the *content* of the page to a subject that should
> only have the attenuated authority. This is a useful thing to allow; also
> note that the page content can potentially leak via an XSS attack or any
> other browser exploit that can transmit content on the current page to an
> attacker.

The idea is that the dynamic part of the page doesn't contain any actual links.  Clicking what appears to be a link invokes a script that uses the traversed path information to decide what page to show next.
> 
> In any case, why is this necessary, given that the browser's Back button
> and History window provide the same functionality? It seems like a lot
> of complexity just to duplicate functionality that is already available
> via those browser features (in a way that doesn't cause any problem in
> giving the page content to another subject).
>
Recall Chip's challenge.  He wanted to put a "take me Home", e.g., to my powerbox page,  link on a page having reduced authority.  In my proposal, that would go in the dynamic part.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp




More information about the cap-talk mailing list