
Shen Code Modifications to libwww.



Hello all, 

	Seems like this list has suddenly taken off. People might be interested
to know what modifications we are looking to make to the CERN daemon and
reference client. We intend to distribute this code as an add-in module
to the CERN library of common code.

At the moment we have:

1) Hooks in the library to provide:
	1) Encryption and decryption Stream modules.
	2) Provision of key maintenance features in the htadm tool
	3) Parsing of security related items in MIME headers.

2) Encryption modules currently supported:
	1) DES in ECB mode
	2) RSA

3) Configuration files for clients and browsers providing security features.
	1) Require server authentication for URLs matching a particular pattern
	2) Send client authentication for URLs matching a particular pattern.
	3) Force outgoing encryption of headers for URLs matching a
	particular pattern.

NB the header encryption code is currently disabled as I am ripping out all the
MIME parsers in the whole library and replacing them with something more
consistent.


The code library is available to developers only at the moment. Before a proper
release can be made it has to pass regression tests I haven't written
yet and also all the possible memory leaks need to be stopped up. The interfaces
are quite stable though.


We are interested in enhancing the httpd to run in a secured mode so as to 
preserve firewall integrity. This may involve considerably reducing the
capabilities of the current proxy to a "safe" or "certified safe" subset.
For example, would people be interested in a version of the proxy server
that only performed http requests and only on port 80? Then a version of
Mosaic et al running through a proxy could only perform http. 

In general I would like to move away from the architecture where image types
are handled by spawning off processes left right and center, potentially
invoking an unsafe interpreter (eg postscript).


One point to pick up on, the secured browser uses a special anchor format to
denote a secured link [>1<] instead of [1]. We need to build a consensus
about possibly dangerous operations that could potentially cause trouble.


Phill Hallam-Baker
CERN
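
The restricted proxy floated in the message above (http requests only, and only on port 80) comes down to a check on every URL the proxy is asked to fetch. The following is an added sketch of that check in C, not code from the CERN httpd or the Shen modules; the function name `proxy_request_allowed` and the strict rejection of an empty port are assumptions.

```c
#include <ctype.h>
#include <string.h>
#include <strings.h>

/* Hypothetical helper, not CERN httpd code: returns 1 only when a proxied
 * request URL is plain http on port 80 (explicit or default), else 0. */
int proxy_request_allowed(const char *url)
{
    if (url == NULL || strncasecmp(url, "http://", 7) != 0)
        return 0;                          /* ftp:, gopher:, https:, ... */

    const char *auth = url + 7;            /* authority ends at / ? or # */
    const char *end = auth + strcspn(auth, "/?#");
    const char *host = auth;
    for (const char *p = auth; p < end; p++)
        if (*p == '@')                     /* skip userinfo: the host in */
            host = p + 1;                  /* "http://a:80@b:8080/" is b */
    if (host == end || *host == ':')
        return 0;                          /* empty host */

    const char *colon = NULL;              /* port separator, if any */
    if (*host == '[') {                    /* IPv6 literal contains ':' */
        const char *rb = memchr(host, ']', (size_t)(end - host));
        if (rb == NULL || rb == host + 1)
            return 0;                      /* malformed literal */
        if (rb + 1 < end) {
            if (rb[1] != ':')
                return 0;
            colon = rb + 1;
        }
    } else {
        colon = memchr(host, ':', (size_t)(end - host));
    }
    if (colon == NULL)
        return 1;                          /* no port given: http default */
    if (colon + 1 == end)
        return 0;                          /* "host:" with empty port */

    long port = 0;                         /* digits only, exactly 80 */
    for (const char *p = colon + 1; p < end; p++) {
        if (!isdigit((unsigned char)*p) || port > 65535)
            return 0;
        port = port * 10 + (*p - '0');
    }
    return port == 80;
}
```

The port is read from the host part after any userinfo, so a URL that places `:80` before an `@` does not pass for a request to another port.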

