Schneier on Security
A blog covering security and security technology.
« London Bombing and the Usefulness of Terrorist Watch Lists |
| Causes of Suicide Terrorism »
July 15, 2005
Secure RSS Syndication
Seems like a good idea to me.
Posted on July 15, 2005 at 4:51 PM
• 12 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Very cool. Page source shows this:
Yet the browser displays the message nicely (if only a bit slow).
Can we expect your blog to also be "Blowfished"?
1) Atom 1.0 is ready for developers as of earlier today (Friday). See atompub.org for the final draft. It still needs some paperwork before it's assigned an RFC number, but Tim Bray is assuring people that it is done.
2) There's been some thoughful discussion about how to apply XML Signatures to Atom in such a way that they'll endure aggregration. the following threads are the most recent discussions
If something like this becomes standardized and commonplace, I can imagine places like Salon, New York Times, encrypting RSS feeds on the fly based on userid for subscription purposes.
The other interesting thing that comes to mind, is why can't something like this replace/compliment simple HTTP authentication? Have something like:
1) Browser prompts for username / password.
2) Client sends username to server.
3) Server encodes content using password on file.
4) Server sends encrypted content.
5) Client decrypts content with password.
Granted this wouldn't work too well with scripts, but a solution like this wouldn't have any sort of per-session password exchange.
Just an idea, not necessarily a good or bad one. Any thoughts are welcome.
I think we should be careful about the applications of using encrypted feeds for RSS. I can see the point if the system is used internally for proprietary industrial information at various corporations, or even for restricted information transmitted across milnet and it's equivalents.
However, I'm sure there will be a rush of RSS readers that advertise some form of encryption as an enhanced featuire, probably for an enhanced price. For the average home user, unless there are documented security weaknesses in the reader applications, then do we really need 128-bit super-blah quantum-encrypted RSS feeds from the Reuters or BBC websites?
In perspective, I think for the home user encrypted RSS technology seems to be unnecessary.
I agree with DarkFire, in most cases, there does not need to be any true encryption. If you want to sign the information against a GPG signature or a certificate to provide for "palusible denability" and protection of your feed's (and your own) reputation, then I'm with you on that. But if you just want to secure the connection, then that is technically a fait accompli--I just don't see a reason for the home user to need something like this. For most restricted systems, you already know whom you are going to let in or block, and this is already handled via the http server in many cases. As for the NYT example, they don't publish much information in their RSS, so they _wouldn't_want_ to encrypt it or access control it--they do that on the main site (after somebody has decided that they want to read that article that they saw in the feed, for instance).
If the RSS were encrypted per user, it'd be possible for a place like the NYT to supply more services to a place like Google News, and less to a standard person trying to get at an RSS feed.
I can imagine newspapers using a technology like this to make themselves more prominent without giving up all their content for free, or at least without all the forced registration crap.
@Darkfire and @RvnPhnx,
Isn't the goal of secure RSS feeds to prevent viruses/worms to create more zombies ?
To be honest I don't know enough about the technical details of RSS to comment much further. I guess that if it's designed to be hardened against unwanted inclusions such as worms then I'd say that encryption isn't necessary.
However, if security problems to exist and the feeds are open to hotile code inclusion, then I suppose encrypting the feeds would be an excellent idea.
I've been wondering if this approach can be used for the HTML in general (not just RSS).
from http://weblog.smirnov.ca/2005/07/... :
"The beauty of this idea is also in its generalization. Online server-side RSS aggregators like bloglines or NewGator Online is just kind of a web application. Imagine a client-side script that is put in change of decrypting entire HTML page that comes from any server. Suddenly, you don't need to trust the server with your password. And that means you can host private content on untrusted server."
You could put a little encrypted RSS document on your webpages with your passwords in it that only you could see.
See the thread starting here: http://www.mozdev.org/pipermail/greasemonkey/...
This comment says it all: http://www.mozdev.org/pipermail/greasemonkey/...
Uninstall Greasemonkey altogether. At this point, I don't trust having it on my computer at all. I would think that whoever is in charge of addons.mozilla.org should immediately remove the Greasemonkey XPI and post a large warning in its place advising people to uninstall it.
By the way, "Greasemonkey Hacks" is DEAD until we fix this. And I'm posting a big red blinking warning on every page of diveintogreasemonkey.org advising visitors to uninstall it, until all of these security holes are closed. This is why God invented the [blink] tag.
This is a bad idea. If you don't change your password for each page, all cached/saved/sniffed copies of these pages will be viewable in the future if your password is ever compromised.
An application like this BEGS for perfect forward secrecy. Even better, just set up apache+mod_ssl on your home PC.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.