On Wed, 2007-03-21 at 18:04 +0100, Stefan Bischof wrote:
> > I am sure we will eventually see compromised or otherwise unfriendly
> > ICAP servers that do nasty things. Such servers would love to do
> nasty
> > things "on behalf" of a client, using client identity if possible.
> Thus,
> > I have a problem with blindly copying sensitive client information
> into
> > requests generated (originated from) the ICAP server.
Sorry, but I don't see your point.
An user who doesn't encrypt traffic end-to-end implicitly trusts all
nodes that interconnect her to the origin server not to mess things up
relatively to the sensitivity of the exchanged information. This means
her PC, the firewall, the proxy, network switches, origin servers and
content providers and so on.
Any node along the chain could theoretically hijack traffic and steal
her identity or perform actions on her behalf.
In this regard I see the ICAP server not to be any different from a
proxy server, of which it is simply an extension. I just fail to see any
added security in not sending all the information that the proxy server
has to the ICAP server.
-- Kinkie <kinkie-dev@kinkie.it>Received on Thu Mar 22 2007 - 09:26:58 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Apr 01 2007 - 12:00:01 MDT