http://princetonsns.disqus.com/Secure, Scalable, Self-Organizing, Storage, Self-Managing, Sensing, …enFri, 13 Nov 2009 20:08:35 -0000http://sns.cs.princeton.edu/2009/09/coralcdn-lesson-the-great-naming-conflation-of-the-web/#comment-22960368<p>Mike, that's a good point. I was listening to the radio last evening, and there is a group trying to do a .GAY top level domain. I thought it was interesting, because the person who is promoting that idea owns a for-profit business that plans on purchasing most of the popular domain names if .GAY gets the go ahead.</p>trustsFri, 13 Nov 2009 20:08:35 -0000http://sns.cs.princeton.edu/2009/09/coralcdn-lesson-the-great-naming-conflation-of-the-web/#comment-22958971<p>I'm not too worried about that. Much is just domain squatting anyway...</p>Mike FreedmanFri, 13 Nov 2009 19:27:30 -0000http://sns.cs.princeton.edu/2009/09/coralcdn-lesson-the-great-naming-conflation-of-the-web/#comment-19312575<p>Hi oobx,</p><p>Actually, the cookie issue is much less a security issue if you are a website that is trying to explicitly use CoralCDN for cached content. You should just specify that your code uses the full origin name when setting cookies: <a href="http://www.yoursite.com.nyud.net" rel="nofollow noopener" target="_blank" title="www.yoursite.com.nyud.net">www.yoursite.com.nyud.net</a>, instead of just setting a default of the domain.tld (i.e., <a href="http://nyud.net" rel="nofollow noopener" target="_blank" title="nyud.net">nyud.net</a>) for "ease of use". This is good security practice anyway: the principle of least privilege and all. Then a user from <a href="http://evil.com.nyud.net" rel="nofollow noopener" target="_blank" title="evil.com.nyud.net">evil.com.nyud.net</a> can't read cookies set to <a href="http://www.yoursite.com.nyud.net" rel="nofollow noopener" target="_blank" title="www.yoursite.com.nyud.net">www.yoursite.com.nyud.net</a>, as it fails the same origin policy check.</p><p>The problem I raise above is more when a website is being accessed by a Coralized URL and they are not similarly security conscious, so that they default to using the domain.tld, instead of the full origin name.</p><p>Let me know if that assuages your concern.</p>Mike FreedmanWed, 07 Oct 2009 11:20:14 -0000http://sns.cs.princeton.edu/2009/09/coralcdn-lesson-the-great-naming-conflation-of-the-web/#comment-18345594<p>I was just turned on to Coral and was pretty jazzed about it until I read your post. Google app engine as a CDN is what led me to Coral. GAE should not be subject to such security issues. I've not read your other posts; so please excuse my ignorance of firecoral, etc.</p><p>In trying to comprehend the scope of the security issues you raise, I conclude that only cookies set by <a href="http://nyud.net" rel="nofollow noopener" target="_blank" title="nyud.net">nyud.net</a>-cached content are vulnerable. So, I just use coral cache for images and truly static content.</p><p>But, what's to stop evildoer from linking to my script that sets cookies? Nothing. But, how would he gain the trust of the user in order for the user to click on the <a href="http://nyud.net" rel="nofollow noopener" target="_blank" title="nyud.net">nyud.net</a> link? Then, how would evildoer track that click and convince the user to go to the malicious site to hijack data?</p><p>Coral CDN sounds like a great asset for bandwidth-poor folks. I hope you can improve upon it. As is, it seems very workable so long as developers understand the caveats such as security and the potential to skew statistics.</p><p>Thanks for raising the issue.</p>oobxSat, 03 Oct 2009 00:42:04 -0000