Re: CAP issue: Fallback/fanout to iTIP
Steve Mansour wrote:
So... any opinions on whether or not to try to keep fanout in CAP?
John? Anybody?
Having just reread the fanout section in the I-D, I'd say cut it. It
doesn't introduce any truly new capabilities, and it does introduce some
potentially serious security problems. Either the servers trust each
other, or the server doing fanout has to be able to exercise the user's
credentials on the remote server. Either way, it permits an attacker
who subverts one server to use it against other servers, instead of
limiting the damage to a single server.
--
/================================================================\
|John Stracke | http://www.ecal.com |My opinions are my own. |
|Chief Scientist |===============================================|
|eCal Corp. |There are footprints on the moon. No feet, just|
|francis@xxxxxxxx|footprints. |
\================================================================/
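The trust argument in the message above, as an added example that is not part of the original thread and not code from the CAP or iTIP drafts: a toy Python model of a hypothetical three-server calendar federation (server and user names are constructed) that computes which (server, user) pairs an attacker who fully controls one server can act as, under direct client access versus the two ways the mail says a fanout server could be authorised (peer servers trusting each other, or the fanout server holding the user's credentials for the remote server). Only trust relationships are modelled, not protocol messages, and peer trust is treated as a single hop.

```python
from dataclasses import dataclass, field


@dataclass
class Server:
    name: str
    users: set                                        # accounts homed on this server
    trusted_peers: set = field(default_factory=set)   # servers whose fanout requests are accepted as-is
    delegated: dict = field(default_factory=dict)     # remote server -> users whose credentials this server holds


def build_federation() -> dict:
    """Constructed sample federation (hypothetical names, not from the thread)."""
    a = Server("cal.a.example", {"alice", "ann"})
    b = Server("cal.b.example", {"bob"})
    c = Server("cal.c.example", {"carol", "chen"})
    # Option 1 in the mail: a and b trust each other's fanout traffic.
    a.trusted_peers.add(b.name)
    b.trusted_peers.add(a.name)
    # Option 2 in the mail: a holds alice's credential for c so it can fan out for her.
    a.delegated[c.name] = {"alice"}
    return {s.name: s for s in (a, b, c)}


def blast_radius(servers: dict, victim: str, mode: str) -> set:
    """Return the (server, user) pairs an attacker controlling `victim` can act as.

    mode is one of:
      'direct'        no fanout; each client talks to each server with its own credentials
      'mutual-trust'  fanout authorised by server-to-server trust
      'delegation'    fanout authorised by the fanout server holding user credentials
    """
    v = servers[victim]
    # Accounts homed on the compromised server are lost in every model.
    reach = {(victim, u) for u in v.users}
    if mode == "direct":
        return reach
    if mode == "mutual-trust":
        for peer in servers.values():
            if victim in peer.trusted_peers:
                # The peer accepts whatever identity the victim asserts,
                # so every account on that peer is exposed.
                reach |= {(peer.name, u) for u in peer.users}
        return reach
    if mode == "delegation":
        for remote, users in v.delegated.items():
            # Only the specific delegated credentials are usable against the remote.
            reach |= {(remote, u) for u in users}
        return reach
    raise ValueError(f"unknown mode: {mode}")


def exposure_beyond_victim(servers: dict, victim: str, mode: str) -> int:
    """Number of accounts on *other* servers the attacker gains in the given mode."""
    return sum(1 for srv, _ in blast_radius(servers, victim, mode) if srv != victim)


if __name__ == "__main__":
    fed = build_federation()
    for mode in ("direct", "mutual-trust", "delegation"):
        print(mode, sorted(blast_radius(fed, "cal.a.example", mode)))
```

In the direct model the damage stays on the compromised server; with either fanout authorisation it spills onto other servers, which is the point the message makes. The delegation variant is narrower than blanket peer trust, but still nonzero.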