[html5] r7434 - [] (0) Remove the http+aes: feature due to lack of interest. If you're an implem [...]
whatwg at whatwg.org
whatwg at whatwg.org
Fri Oct 5 15:47:54 PDT 2012
Author: ianh
Date: 2012-10-05 15:47:53 -0700 (Fri, 05 Oct 2012)
New Revision: 7434
Modified:
complete.html
index
source
Log:
[] (0) Remove the http+aes: feature due to lack of interest. If you're an implementor and _are_ interested, let me know, I'd be happy to put it back and maintain it.
Affected topics: HTML, HTML Syntax and Parsing, Security
Modified: complete.html
===================================================================
--- complete.html 2012-10-03 17:19:24 UTC (rev 7433)
+++ complete.html 2012-10-05 22:47:53 UTC (rev 7434)
@@ -249,7 +249,7 @@
<header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
- <h2 class="no-num no-toc">Living Standard — Last Updated 3 October 2012</h2>
+ <h2 class="no-num no-toc">Living Standard — Last Updated 5 October 2012</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
@@ -1357,9 +1357,7 @@
<li><a href=#application/microdata+json><span class=secno>16.7 </span><code>application/microdata+json</code></a></li>
<li><a href=#ping-from><span class=secno>16.8 </span><code>Ping-From</code></a></li>
<li><a href=#ping-to><span class=secno>16.9 </span><code>Ping-To</code></a></li>
- <li><a href=#http+aes-scheme><span class=secno>16.10 </span><code>http+aes</code> scheme</a></li>
- <li><a href=#https+aes-scheme><span class=secno>16.11 </span><code>https+aes</code> scheme</a></li>
- <li><a href=#web+-scheme-prefix><span class=secno>16.12 </span><code>web+</code> scheme prefix</a></ol></li>
+ <li><a href=#web+-scheme-prefix><span class=secno>16.10 </span><code>web+</code> scheme prefix</a></ol></li>
<li><a class=no-num href=#index>Index</a>
<ol>
<li><a class=no-num href=#elements-1>Elements</a></li>
@@ -1610,7 +1608,6 @@
<li>The <code title=dom-document-cssElementMap><a href=#dom-document-csselementmap>cssElementMap</a></code> feature for defining <a href=#css-element-reference-identifier title="CSS element reference identifier">CSS element reference identifiers</a>.</li> <!--CSSREF-->
<li>Some predefined <a href=#mdvocabs>Microdata vocabularies</a>.</li>
<li>The <code><a href=#the-data-element>data</a></code> element for marking up machine-readable data.</li><!--DATA--><!--FORK-->
- <li>The <code title=scheme-http+aes><a href=#http+aes-scheme>http+aes:</a></code> and <code title=scheme-http+aes><a href=#http+aes-scheme>https+aes:</a></code> schemes.</li><!--FORK-->
<li>The <a href=#application-cache>application cache</a> feature's <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a> mode.</li><!--FORK--><!--APPCACHE-PREFER-ONLINE-->
<li>The <code title=dom-TextTrack-inBandMetadataTrackDispatchType><a href=#dom-texttrack-inbandmetadatatrackdispatchtype>TextTrack.inBandMetadataTrackDispatchType</a></code> feature for Internet-based TV broadcast.</li>
<li>HD variants of the <code><a href=#imagedata>ImageData</a></code> API methods.</li>
@@ -96816,7 +96813,7 @@
<p>XML documents may contain a <code>DOCTYPE</code> if desired, but
this is not required to conform to this specification. This
specification does not define a public or system identifier, nor
- provide a format DTD.</p>
+ provide a formal DTD.</p>
<p class=note>According to the XML specification, XML processors
are not guaranteed to process the external DTD subset referenced in
@@ -102058,142 +102055,8 @@
</dd>
<dt>Related information:</dt>
<dd>None.</dd>
- </dl><!--PING--><!--FORK--><h3 id=http+aes-scheme><span class=secno>16.10 </span><dfn title=scheme-http+aes><code>http+aes</code> scheme</dfn></h3>
+ </dl><h3 id=web+-scheme-prefix><span class=secno>16.10 </span><dfn title=scheme-web><code>web+</code> scheme prefix</dfn></h3>
- <p>This section describes a URL scheme registration for the IANA URI
- scheme registry. <a href=#refsRFC4395>[RFC4395]</a></p>
-
- <dl><dt>URI scheme name:</dt>
- <dd><code title="">http+aes</code></dd>
- <dt>Status:</dt>
- <dd>permanent</dd>
- <dt>URI scheme syntax:</dt>
- <dd>Same as <code title="">http</code>, with the <code title="">userinfo</code> component instead used for specifying the
- decryption key. (This key is provided in the form of 16, 24, or 32
- bytes encoded as ASCII and escaped as necessary using the URL
- escape mechanism; it is not in the "username:password" form, and
- the ":" character is not special in this component when using this
- scheme.)</dd>
- <dt>URI scheme semantics:</dt>
- <dd>Same as <code title="">http</code>, except that the message
- body must be decrypted by applying the AES-CTR algorithm using the
- key specified in the URL's <code title="">userinfo</code>
- component, after unescaping it from the URL syntax to bytes, and
- using a zero nonce. If there is no such component, or if that
- component, when unescaped from the URL syntax to bytes, does not
- consist of exactly 16, 24, or 32 bytes, then the user agent must
- act as if the resource could not be obtained due to a network
- error, and may report the problem to the user.</dd>
- <dt>Encoding considerations:</dt>
- <dd>Same as <code title="">http</code>, but the <code title="">userinfo</code> component represents bytes encoded using
- ASCII and the URL escape mechanism.</dd>
- <dt>Applications/protocols that use this URI scheme name:</dt>
- <dd>Same as <code title="">http</code>.</dd>
- <dt>Interoperability considerations:</dt>
- <dd>Same as <code title="">http</code>, but specifically for
- private resources that are hosted by untrusted intermediary servers
- as in a content delivery network.</dd>
-<!--ADD-TOPIC:Security-->
- <dt>Security considerations:</dt>
- <dd>
- <p>URLs using this scheme contain sensitive information (the key
- used to decrypt the referenced content) and as such should be
- handled with care, e.g. only sent over TLS-encrypted connections,
- and only sent to users who are authorized to access the encrypted
- content.</p>
- <p>User agents are encouraged to not show the key in user
- interface elements where the URL is displayed: first, it's ugly
- and not useful to the user; and second, it could be used to
- obscure the domain name.</p>
- <p>The <code title="">http+aes</code> URL scheme only enables the
- <em>content</em> of a particular resource to be encrypted. Any
- sensitive information held in HTTP headers is still transmitted in
- the clear. The length of the resource is still visible. The rate
- at which the data is transmitted is also unobscured. The name of
- the resource is not hidden. If this scheme is used to obscure
- private information, it is important to consider how these side
- channels might leak information.</p>
- <p class=example>For example, the length of a file containing
- only the user's age in seconds encoded in ASCII would easily let
- an attacker watching the network traffic or with access to the
- system hosting the files determine if the user was less than 3
- years old, less than 30 years old, or more than 30 years old, just
- from the length of the file. Padding the file to ten digits
- (either with trailing spaces or leading zeros) would make all ages
- from zero to three hundred indistinguishable.</p>
- <p class=example>Another example would be the file name.
- Consider a bank where each user first downloads a "data.json"
- file, which points to some other files for more data, such that
- users in debt download a "debt.json" file while users in credit
- download a "credit.json" file. In such a scenario, users can be
- categorised by an attacker watching network traffic or with access
- to the system hosting the files without the attacker ever having
- to decrypt the "data.json" files.</p>
- <p>Each resource encrypted in this fashion must use a fresh key.
- Otherwise, an attacker can use commonalities in the resources'
- plaintexts to determine the key and decrypt all the resources
- sharing a key.</p>
- <p>Authors should take care not to embed arbitrary content from
- the same site using the same scheme, as all content using the
- <code title="">http+aes</code> scheme on the same host (and same
- port) shares the same <a href=#origin>origin</a> and can therefore leak
- the keys of any other content also opened at that origin. This
- problem can be mitigated using the <code><a href=#the-iframe-element>iframe</a></code> element and
- the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
- attribute to embed such content.</p>
- <p>The security considerations that apply to <code title="">http</code> apply as well.</p>
- </dd>
-<!--REMOVE-TOPIC:Security-->
- <dt>Contact:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>Author/Change controller:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>References:</dt>
- <dd>
- The <code title="">http</code> URL scheme is defined in:
- <a href=http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging>http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging</a>
- </dd>
- </dl><h3 id=https+aes-scheme><span class=secno>16.11 </span><dfn title=scheme-https+aes><code>https+aes</code> scheme</dfn></h3>
-
- <p>This section describes a URL scheme registration for the IANA URI
- scheme registry. <a href=#refsRFC4395>[RFC4395]</a></p>
-
- <dl><dt>URI scheme name:</dt>
- <dd><code title="">https+aes</code></dd>
- <dt>Status:</dt>
- <dd>permanent</dd>
- <dt>URI scheme syntax:</dt>
- <dd>Same as <code title="">http+aes</code>.</dd>
- <dt>URI scheme semantics:</dt>
- <dd>Same as <code title="">http+aes</code>, but using HTTP over TLS
- (as in, HTTPS) instead of HTTP, and defaulting to the HTTPS port
- instead of HTTP's port.</dd>
- <dt>Encoding considerations:</dt>
- <dd>Same as <code title="">http+aes</code>.</dd>
- <dt>Applications/protocols that use this URI scheme name:</dt>
- <dd>Same as <code title="">https</code>.</dd>
- <dt>Interoperability considerations:</dt>
- <dd>Same as <code title="">https</code>, but specifically for
- private resources that are hosted by untrusted intermediary servers
- as in a content delivery network.</dd>
-<!--ADD-TOPIC:Security-->
- <dt>Security considerations:</dt>
- <dd>
- <p>The security considerations that apply to <code title="">http+aes</code> and <code title="">https</code> apply as
- well.</p>
- </dd>
-<!--REMOVE-TOPIC:Security-->
- <dt>Contact:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>Author/Change controller:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>References:</dt>
- <dd>
- The <code title="">https</code> URL scheme is defined in:
- <a href=http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging>http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging</a>
- </dd>
- </dl><h3 id=web+-scheme-prefix><span class=secno>16.12 </span><dfn title=scheme-web><code>web+</code> scheme prefix</dfn></h3>
-
<p>This section describes a convention for use with the IANA URI
scheme registry. It does not itself register a specific scheme. <a href=#refsRFC4395>[RFC4395]</a></p>
Modified: index
===================================================================
--- index 2012-10-03 17:19:24 UTC (rev 7433)
+++ index 2012-10-05 22:47:53 UTC (rev 7434)
@@ -249,7 +249,7 @@
<header class=head id=head><p><a class=logo href=http://www.whatwg.org/><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
- <h2 class="no-num no-toc">Living Standard — Last Updated 3 October 2012</h2>
+ <h2 class="no-num no-toc">Living Standard — Last Updated 5 October 2012</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=http://developers.whatwg.org/>http://developers.whatwg.org/</a></strong></dd>
<dt>Multiple-page version:</dt>
@@ -1357,9 +1357,7 @@
<li><a href=#application/microdata+json><span class=secno>16.7 </span><code>application/microdata+json</code></a></li>
<li><a href=#ping-from><span class=secno>16.8 </span><code>Ping-From</code></a></li>
<li><a href=#ping-to><span class=secno>16.9 </span><code>Ping-To</code></a></li>
- <li><a href=#http+aes-scheme><span class=secno>16.10 </span><code>http+aes</code> scheme</a></li>
- <li><a href=#https+aes-scheme><span class=secno>16.11 </span><code>https+aes</code> scheme</a></li>
- <li><a href=#web+-scheme-prefix><span class=secno>16.12 </span><code>web+</code> scheme prefix</a></ol></li>
+ <li><a href=#web+-scheme-prefix><span class=secno>16.10 </span><code>web+</code> scheme prefix</a></ol></li>
<li><a class=no-num href=#index>Index</a>
<ol>
<li><a class=no-num href=#elements-1>Elements</a></li>
@@ -1610,7 +1608,6 @@
<li>The <code title=dom-document-cssElementMap><a href=#dom-document-csselementmap>cssElementMap</a></code> feature for defining <a href=#css-element-reference-identifier title="CSS element reference identifier">CSS element reference identifiers</a>.</li> <!--CSSREF-->
<li>Some predefined <a href=#mdvocabs>Microdata vocabularies</a>.</li>
<li>The <code><a href=#the-data-element>data</a></code> element for marking up machine-readable data.</li><!--DATA--><!--FORK-->
- <li>The <code title=scheme-http+aes><a href=#http+aes-scheme>http+aes:</a></code> and <code title=scheme-http+aes><a href=#http+aes-scheme>https+aes:</a></code> schemes.</li><!--FORK-->
<li>The <a href=#application-cache>application cache</a> feature's <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a> mode.</li><!--FORK--><!--APPCACHE-PREFER-ONLINE-->
<li>The <code title=dom-TextTrack-inBandMetadataTrackDispatchType><a href=#dom-texttrack-inbandmetadatatrackdispatchtype>TextTrack.inBandMetadataTrackDispatchType</a></code> feature for Internet-based TV broadcast.</li>
<li>HD variants of the <code><a href=#imagedata>ImageData</a></code> API methods.</li>
@@ -96816,7 +96813,7 @@
<p>XML documents may contain a <code>DOCTYPE</code> if desired, but
this is not required to conform to this specification. This
specification does not define a public or system identifier, nor
- provide a format DTD.</p>
+ provide a formal DTD.</p>
<p class=note>According to the XML specification, XML processors
are not guaranteed to process the external DTD subset referenced in
@@ -102058,142 +102055,8 @@
</dd>
<dt>Related information:</dt>
<dd>None.</dd>
- </dl><!--PING--><!--FORK--><h3 id=http+aes-scheme><span class=secno>16.10 </span><dfn title=scheme-http+aes><code>http+aes</code> scheme</dfn></h3>
+ </dl><h3 id=web+-scheme-prefix><span class=secno>16.10 </span><dfn title=scheme-web><code>web+</code> scheme prefix</dfn></h3>
- <p>This section describes a URL scheme registration for the IANA URI
- scheme registry. <a href=#refsRFC4395>[RFC4395]</a></p>
-
- <dl><dt>URI scheme name:</dt>
- <dd><code title="">http+aes</code></dd>
- <dt>Status:</dt>
- <dd>permanent</dd>
- <dt>URI scheme syntax:</dt>
- <dd>Same as <code title="">http</code>, with the <code title="">userinfo</code> component instead used for specifying the
- decryption key. (This key is provided in the form of 16, 24, or 32
- bytes encoded as ASCII and escaped as necessary using the URL
- escape mechanism; it is not in the "username:password" form, and
- the ":" character is not special in this component when using this
- scheme.)</dd>
- <dt>URI scheme semantics:</dt>
- <dd>Same as <code title="">http</code>, except that the message
- body must be decrypted by applying the AES-CTR algorithm using the
- key specified in the URL's <code title="">userinfo</code>
- component, after unescaping it from the URL syntax to bytes, and
- using a zero nonce. If there is no such component, or if that
- component, when unescaped from the URL syntax to bytes, does not
- consist of exactly 16, 24, or 32 bytes, then the user agent must
- act as if the resource could not be obtained due to a network
- error, and may report the problem to the user.</dd>
- <dt>Encoding considerations:</dt>
- <dd>Same as <code title="">http</code>, but the <code title="">userinfo</code> component represents bytes encoded using
- ASCII and the URL escape mechanism.</dd>
- <dt>Applications/protocols that use this URI scheme name:</dt>
- <dd>Same as <code title="">http</code>.</dd>
- <dt>Interoperability considerations:</dt>
- <dd>Same as <code title="">http</code>, but specifically for
- private resources that are hosted by untrusted intermediary servers
- as in a content delivery network.</dd>
-<!--ADD-TOPIC:Security-->
- <dt>Security considerations:</dt>
- <dd>
- <p>URLs using this scheme contain sensitive information (the key
- used to decrypt the referenced content) and as such should be
- handled with care, e.g. only sent over TLS-encrypted connections,
- and only sent to users who are authorized to access the encrypted
- content.</p>
- <p>User agents are encouraged to not show the key in user
- interface elements where the URL is displayed: first, it's ugly
- and not useful to the user; and second, it could be used to
- obscure the domain name.</p>
- <p>The <code title="">http+aes</code> URL scheme only enables the
- <em>content</em> of a particular resource to be encrypted. Any
- sensitive information held in HTTP headers is still transmitted in
- the clear. The length of the resource is still visible. The rate
- at which the data is transmitted is also unobscured. The name of
- the resource is not hidden. If this scheme is used to obscure
- private information, it is important to consider how these side
- channels might leak information.</p>
- <p class=example>For example, the length of a file containing
- only the user's age in seconds encoded in ASCII would easily let
- an attacker watching the network traffic or with access to the
- system hosting the files determine if the user was less than 3
- years old, less than 30 years old, or more than 30 years old, just
- from the length of the file. Padding the file to ten digits
- (either with trailing spaces or leading zeros) would make all ages
- from zero to three hundred indistinguishable.</p>
- <p class=example>Another example would be the file name.
- Consider a bank where each user first downloads a "data.json"
- file, which points to some other files for more data, such that
- users in debt download a "debt.json" file while users in credit
- download a "credit.json" file. In such a scenario, users can be
- categorised by an attacker watching network traffic or with access
- to the system hosting the files without the attacker ever having
- to decrypt the "data.json" files.</p>
- <p>Each resource encrypted in this fashion must use a fresh key.
- Otherwise, an attacker can use commonalities in the resources'
- plaintexts to determine the key and decrypt all the resources
- sharing a key.</p>
- <p>Authors should take care not to embed arbitrary content from
- the same site using the same scheme, as all content using the
- <code title="">http+aes</code> scheme on the same host (and same
- port) shares the same <a href=#origin>origin</a> and can therefore leak
- the keys of any other content also opened at that origin. This
- problem can be mitigated using the <code><a href=#the-iframe-element>iframe</a></code> element and
- the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
- attribute to embed such content.</p>
- <p>The security considerations that apply to <code title="">http</code> apply as well.</p>
- </dd>
-<!--REMOVE-TOPIC:Security-->
- <dt>Contact:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>Author/Change controller:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>References:</dt>
- <dd>
- The <code title="">http</code> URL scheme is defined in:
- <a href=http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging>http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging</a>
- </dd>
- </dl><h3 id=https+aes-scheme><span class=secno>16.11 </span><dfn title=scheme-https+aes><code>https+aes</code> scheme</dfn></h3>
-
- <p>This section describes a URL scheme registration for the IANA URI
- scheme registry. <a href=#refsRFC4395>[RFC4395]</a></p>
-
- <dl><dt>URI scheme name:</dt>
- <dd><code title="">https+aes</code></dd>
- <dt>Status:</dt>
- <dd>permanent</dd>
- <dt>URI scheme syntax:</dt>
- <dd>Same as <code title="">http+aes</code>.</dd>
- <dt>URI scheme semantics:</dt>
- <dd>Same as <code title="">http+aes</code>, but using HTTP over TLS
- (as in, HTTPS) instead of HTTP, and defaulting to the HTTPS port
- instead of HTTP's port.</dd>
- <dt>Encoding considerations:</dt>
- <dd>Same as <code title="">http+aes</code>.</dd>
- <dt>Applications/protocols that use this URI scheme name:</dt>
- <dd>Same as <code title="">https</code>.</dd>
- <dt>Interoperability considerations:</dt>
- <dd>Same as <code title="">https</code>, but specifically for
- private resources that are hosted by untrusted intermediary servers
- as in a content delivery network.</dd>
-<!--ADD-TOPIC:Security-->
- <dt>Security considerations:</dt>
- <dd>
- <p>The security considerations that apply to <code title="">http+aes</code> and <code title="">https</code> apply as
- well.</p>
- </dd>
-<!--REMOVE-TOPIC:Security-->
- <dt>Contact:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>Author/Change controller:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>References:</dt>
- <dd>
- The <code title="">https</code> URL scheme is defined in:
- <a href=http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging>http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging</a>
- </dd>
- </dl><h3 id=web+-scheme-prefix><span class=secno>16.12 </span><dfn title=scheme-web><code>web+</code> scheme prefix</dfn></h3>
-
<p>This section describes a convention for use with the IANA URI
scheme registry. It does not itself register a specific scheme. <a href=#refsRFC4395>[RFC4395]</a></p>
Modified: source
===================================================================
--- source 2012-10-03 17:19:24 UTC (rev 7433)
+++ source 2012-10-05 22:47:53 UTC (rev 7434)
@@ -327,7 +327,6 @@
<li>The <code title="dom-document-cssElementMap">cssElementMap</code> feature for defining <span title="CSS element reference identifier">CSS element reference identifiers</span>.</li> <!--CSSREF-->
<li>Some predefined <a href="#mdvocabs">Microdata vocabularies</a>.</li>
<li>The <code>data</code> element for marking up machine-readable data.</li><!--DATA--><!--FORK-->
- <li>The <code title="scheme-http+aes">http+aes:</code> and <code title="scheme-http+aes">https+aes:</code> schemes.</li><!--FORK-->
<li>The <span>application cache</span> feature's <span title="concept-appcache-mode-prefer-online">prefer-online</span> mode.</li><!--FORK--><!--APPCACHE-PREFER-ONLINE-->
<li>The <code title="dom-TextTrack-inBandMetadataTrackDispatchType">TextTrack.inBandMetadataTrackDispatchType</code> feature for Internet-based TV broadcast.</li>
<li>HD variants of the <code>ImageData</code> API methods.</li>
@@ -112156,7 +112155,7 @@
<p>XML documents may contain a <code>DOCTYPE</code> if desired, but
this is not required to conform to this specification. This
specification does not define a public or system identifier, nor
- provide a format DTD.</p>
+ provide a formal DTD.</p>
<p class="note">According to the XML specification, XML processors
are not guaranteed to process the external DTD subset referenced in
@@ -119187,155 +119186,6 @@
<dt>Related information:</dt>
<dd>None.</dd>
</dl>
-
-<!--START w3c-html--><!--PING-->
-
-<!--END w3c-html--><!--FORK-->
- <h3><dfn title="scheme-http+aes"><code>http+aes</code> scheme</dfn></h3>
-
- <p>This section describes a URL scheme registration for the IANA URI
- scheme registry. <a href="#refsRFC4395">[RFC4395]</a></p>
-
- <dl>
- <dt>URI scheme name:</dt>
- <dd><code title="">http+aes</code></dd>
- <dt>Status:</dt>
- <dd>permanent</dd>
- <dt>URI scheme syntax:</dt>
- <dd>Same as <code title="">http</code>, with the <code
- title="">userinfo</code> component instead used for specifying the
- decryption key. (This key is provided in the form of 16, 24, or 32
- bytes encoded as ASCII and escaped as necessary using the URL
- escape mechanism; it is not in the "username:password" form, and
- the ":" character is not special in this component when using this
- scheme.)</dd>
- <dt>URI scheme semantics:</dt>
- <dd>Same as <code title="">http</code>, except that the message
- body must be decrypted by applying the AES-CTR algorithm using the
- key specified in the URL's <code title="">userinfo</code>
- component, after unescaping it from the URL syntax to bytes, and
- using a zero nonce. If there is no such component, or if that
- component, when unescaped from the URL syntax to bytes, does not
- consist of exactly 16, 24, or 32 bytes, then the user agent must
- act as if the resource could not be obtained due to a network
- error, and may report the problem to the user.</dd>
- <dt>Encoding considerations:</dt>
- <dd>Same as <code title="">http</code>, but the <code
- title="">userinfo</code> component represents bytes encoded using
- ASCII and the URL escape mechanism.</dd>
- <dt>Applications/protocols that use this URI scheme name:</dt>
- <dd>Same as <code title="">http</code>.</dd>
- <dt>Interoperability considerations:</dt>
- <dd>Same as <code title="">http</code>, but specifically for
- private resources that are hosted by untrusted intermediary servers
- as in a content delivery network.</dd>
-<!--ADD-TOPIC:Security-->
- <dt>Security considerations:</dt>
- <dd>
- <p>URLs using this scheme contain sensitive information (the key
- used to decrypt the referenced content) and as such should be
- handled with care, e.g. only sent over TLS-encrypted connections,
- and only sent to users who are authorized to access the encrypted
- content.</p>
- <p>User agents are encouraged to not show the key in user
- interface elements where the URL is displayed: first, it's ugly
- and not useful to the user; and second, it could be used to
- obscure the domain name.</p>
- <p>The <code title="">http+aes</code> URL scheme only enables the
- <em>content</em> of a particular resource to be encrypted. Any
- sensitive information held in HTTP headers is still transmitted in
- the clear. The length of the resource is still visible. The rate
- at which the data is transmitted is also unobscured. The name of
- the resource is not hidden. If this scheme is used to obscure
- private information, it is important to consider how these side
- channels might leak information.</p>
- <p class="example">For example, the length of a file containing
- only the user's age in seconds encoded in ASCII would easily let
- an attacker watching the network traffic or with access to the
- system hosting the files determine if the user was less than 3
- years old, less than 30 years old, or more than 30 years old, just
- from the length of the file. Padding the file to ten digits
- (either with trailing spaces or leading zeros) would make all ages
- from zero to three hundred indistinguishable.</p>
- <p class="example">Another example would be the file name.
- Consider a bank where each user first downloads a "data.json"
- file, which points to some other files for more data, such that
- users in debt download a "debt.json" file while users in credit
- download a "credit.json" file. In such a scenario, users can be
- categorised by an attacker watching network traffic or with access
- to the system hosting the files without the attacker ever having
- to decrypt the "data.json" files.</p>
- <p>Each resource encrypted in this fashion must use a fresh key.
- Otherwise, an attacker can use commonalities in the resources'
- plaintexts to determine the key and decrypt all the resources
- sharing a key.</p>
- <p>Authors should take care not to embed arbitrary content from
- the same site using the same scheme, as all content using the
- <code title="">http+aes</code> scheme on the same host (and same
- port) shares the same <span>origin</span> and can therefore leak
- the keys of any other content also opened at that origin. This
- problem can be mitigated using the <code>iframe</code> element and
- the <code title="attr-iframe-sandbox">sandbox</code>
- attribute to embed such content.</p>
- <p>The security considerations that apply to <code
- title="">http</code> apply as well.</p>
- </dd>
-<!--REMOVE-TOPIC:Security-->
- <dt>Contact:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>Author/Change controller:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>References:</dt>
- <dd>
- The <code title="">http</code> URL scheme is defined in:
- <a href="http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging">http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging</a>
- </dd>
- </dl>
-
-
- <h3><dfn title="scheme-https+aes"><code>https+aes</code> scheme</dfn></h3>
-
- <p>This section describes a URL scheme registration for the IANA URI
- scheme registry. <a href="#refsRFC4395">[RFC4395]</a></p>
-
- <dl>
- <dt>URI scheme name:</dt>
- <dd><code title="">https+aes</code></dd>
- <dt>Status:</dt>
- <dd>permanent</dd>
- <dt>URI scheme syntax:</dt>
- <dd>Same as <code title="">http+aes</code>.</dd>
- <dt>URI scheme semantics:</dt>
- <dd>Same as <code title="">http+aes</code>, but using HTTP over TLS
- (as in, HTTPS) instead of HTTP, and defaulting to the HTTPS port
- instead of HTTP's port.</dd>
- <dt>Encoding considerations:</dt>
- <dd>Same as <code title="">http+aes</code>.</dd>
- <dt>Applications/protocols that use this URI scheme name:</dt>
- <dd>Same as <code title="">https</code>.</dd>
- <dt>Interoperability considerations:</dt>
- <dd>Same as <code title="">https</code>, but specifically for
- private resources that are hosted by untrusted intermediary servers
- as in a content delivery network.</dd>
-<!--ADD-TOPIC:Security-->
- <dt>Security considerations:</dt>
- <dd>
- <p>The security considerations that apply to <code
- title="">http+aes</code> and <code title="">https</code> apply as
- well.</p>
- </dd>
-<!--REMOVE-TOPIC:Security-->
- <dt>Contact:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>Author/Change controller:</dt>
- <dd>Ian Hickson <ian at hixie.ch></dd>
- <dt>References:</dt>
- <dd>
- The <code title="">https</code> URL scheme is defined in:
- <a href="http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging">http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging</a>
- </dd>
- </dl>
-<!--START w3c-html-->
More information about the Commit-Watchers
mailing list