Re: Security in HTTP and caches

Simon E Spero (ses@tipper.oit.unc.edu)
Thu, 3 Nov 1994 17:37:38 +0100

>>>>> "njw" == Nick Williams <njw@cs.city.ac.uk> writes:

njw> Following the discussion of client caches, etc.... As
njw> somebody else mentioned earlier, it's not good to cache a
njw> document if it requires authorisation.

[proposal deleted]

Nick -
I may be missing the point here, but I can't quite understand the
purpose of this scheme. It doesn't really provide any protection for
the documents, and because it requires both parties to explicitly
trust *all* the intermediaries, can't easily be modified to become
part of a secure framework.

If the aim is to discourage unauthorised users from accessing the resources,
would it be easier to have an explicit licencing agreement appearing on all
published entry points to the server?

Cacheing and security are somewhat antagonistic. There are several
ways of dealing with the problem. If the proxy is trusted by the
server, it can authenticate the user itself; this would be the case if
both servers were part of the same adminstrative domain. Otherwise,
the document could be cached on the server in encrypted form, and the
key obtained from the originating server in response to a relayed
request from the client. The document key would have to be encrypted
using the clients public key to prevent the proxy from decoding the document.

Simon