[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Uri-review] ssh URI

To: David Booth <david at dbooth.org>
Subject: Re: [Uri-review] ssh URI
From: Eliot Lear <lear at cisco.com>
Date: Tue, 13 Oct 2009 08:10:32 +0200
Authentication-results: ams-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
Cc: uri-review at ietf.org, uri at w3.org
Delivered-to: uri-review at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=lear at cisco.com; l=1404; q=dns/txt; s=amsiport01001; t=1255414234; x=1256623834; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Eliot=20Lear=20<lear at cisco.com>|Subject:=20Re: =20[Uri-review]=20ssh=20URI|Date:=20Tue,=2013=20Oct=20200 9=2008:10:32=20+0200|Message-ID:=20<4AD419D8.30907 at cisco. com>|To:=20David=20Booth=20<david at dbooth.org>|CC:=20bob at s porkmonger.com,=20uri-review at ietf.org,=20uri at w3.org |MIME-Version:=201.0|Content-Transfer-Encoding:=207bit |In-Reply-To:=20<1255406578.5481.10704.camel at dbooth-lapto p>|References:=20<20091009160149.GB16908 at braingia.org>=09 <1255366894.5481.8445.camel at dbooth-laptop>=09<5EAB4D387A4 A4B7C854FBD1869729771 at POCZTOWIEC>=09<1255395156.5481.1008 3.camel at dbooth-laptop>=09<81c242240910121816y4becb1aevae5 008b23537df2c at mail.gmail.com>=09<1255398140.5481.10279.ca mel at dbooth-laptop>=09<81c242240910121855q52319dbatafb6ee4 6c3364ed at mail.gmail.com>=20<1255406578.5481.10704.camel at d booth-laptop>; bh=J0upjsocV/voKWWM7a7bW23qRz3QstJjz0LDx3VrJXo=; b=nNBB7NCbJjj2DSSnGVEd5TdHGyOca2O/KrThkgVnj89sM/15ilb7Vjdy tkfwxDNsdn/TEW5r3PkWuNh4aRsT1MbNeK19cDSI5Ob/xoDGt1njDiWNI Nhc9ZgGmhRPvdW5ylmzhxzTgbrKQ2lY3TxjSxngEWl0XGyGY8Z41ocCKH I=;
In-reply-to: <1255406578.5481.10704.camel at dbooth-laptop>
List-archive: <http://www.ietf.org/mail-archive/web/uri-review>
List-help: <mailto:uri-review-request@ietf.org?subject=help>
List-id: Proposed URI Schemes <uri-review.ietf.org>
List-post: <mailto:uri-review@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
References: <20091009160149.GB16908 at braingia.org> <1255366894.5481.8445.camel at dbooth-laptop> <5EAB4D387A4A4B7C854FBD1869729771 at POCZTOWIEC> <1255395156.5481.10083.camel at dbooth-laptop> <81c242240910121816y4becb1aevae5008b23537df2c at mail.gmail.com> <1255398140.5481.10279.camel at dbooth-laptop> <81c242240910121855q52319dbatafb6ee46c3364ed at mail.gmail.com> <1255406578.5481.10704.camel at dbooth-laptop>
User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.4pre) Gecko/20091003 Shredder/3.0pre

On 10/13/09 6:02 AM, David Booth wrote:

Getting a scheme registered is the *easy* part.  The hard part is
getting millions of installed clients to implement the special
recognition of that scheme.

I agree, and I think what you're proposing is interesting along thoselines. I also appreciate your answers to my earlier questions. Rightnow we have no guidance or analysis that goes into the associated risksof what you are proposing. A few examples of things that can and willgo wrong with non-participants:

1. A query goes out to a third party, and the site is down orunreachable. In this case, the non-participant will hang in anunspecified way rather than get a hard error.2. A query goes out and the third party has been compromised. And inthis case, the third party is a really attractive target because one canmap administrative resources with SSH. Worse, the client acts on themeta-information in some way, leading to additional compromises. You'realready using redirects. So what can a bad guy redirect to in order tomake things interesting? Well, he's got a Browser: header. Perhaps heredirects to an appropriate exploit.

Now to be fair to you, I haven't done the analysis to say, "this isABSOLUTELY a problem", but nor have I seen an analysis from you thatleads me to conclude that this is not a problem.


Eliot

Follow-Ups:
- Re: [Uri-review] ssh URI
  - From: David Booth

References:
- [Uri-review] ssh URI
  - From: Steve Suehring
- Re: [Uri-review] ssh URI
  - From: David Booth
- Re: [Uri-review] ssh URI
  - From: Kristof Zelechovski
- Re: [Uri-review] ssh URI
  - From: David Booth
- Re: [Uri-review] ssh URI
  - From: Bob Aman
- Re: [Uri-review] ssh URI
  - From: David Booth
- Re: [Uri-review] ssh URI
  - From: Bob Aman
- Re: [Uri-review] ssh URI
  - From: David Booth

Prev by Date: Re: [Uri-review] ssh URI
Next by Date: Re: [Uri-review] ssh URI
Previous by thread: Re: [Uri-review] ssh URI
Next by thread: Re: [Uri-review] ssh URI
Index(es):
- Date
- Thread