[Chandler-dev] Re: [Cosmo-dev] Re: [Dev] Re: [Cosmo] Apple iCal & cosmo-demo

Sheila Mooney sheila at osafoundation.org
Wed Mar 15 14:19:00 PST 2006


So at this point I would like to go ahead and table this discussion  
for now. I think I have a pretty good understanding of the  
alternatives/pros/cons/user implications etc. I will own whatever the  
appropriate next steps are to get this resolved (contacting Apple  
etc). I will assign this bug to myself.

Sheila

On Mar 15, 2006, at 2:06 PM, Mimi Yin wrote:

> Hi Heikki,
>
> I think the UI problem we face is how do we communicate to the user  
> to do that?
>
> Chandler user sends an URL to an iCal user:
>
> A) How does the Chandler user know which URL to send. Can they send  
> either read-only or read-write? Or do both work?
>
> B) iCal user receives URL, has never heard of Chandler. How will  
> iCal user know to remove the "s"?
>
> I think our over-arching goal is still to Get Users. We think  
> interoperability is on the critical path to getting users. iCal is  
> the only calendar client we interoperate with today.
>
> I don't have an opinion on turning off HTTPS. For some people,  
> security will be more important than interoperating with iCal. For  
> others it won't be. But I think we can come up with a solution that  
> makes iCal interoperability discoverable without putting people's  
> data at risk.
>
> Mimi :o)
>
> On Mar 15, 2006, at 1:36 PM, Heikki Toivonen wrote:
>
>> Mimi Yin wrote:
>>> Is it a security boo-boo to have the HTTP port open at all on
>>> cosmo-demo? Or is it only a security risk once you've handed out the
>>> HTTP URL/ticket?
>>>
>>> What I'm getting at is: Can we leave it up to the user to decide  
>>> whether
>>> they want to share with iCal users bad enough that they don't  
>>> care about
>>> doing it via a secure port? (It is our single usable/testable  
>>> interop
>>> scenario and probably will be for a while.)
>>
>> If the goal is to have no code changes in Cosmo, it seems like the  
>> URLs
>> would only differ in one 's' letter - http and https. So even if you
>> gave an https URL to someone else, they would be able to simply  
>> take out
>> the 's' and it would work. So in that sense it makes the SSL almost
>> irrelevant since anyone who gets a secure URL can make it insecure
>> either deliberately or by accident.
>>
>> I mentioned why taking SSL out is bad in
>> https://bugzilla.osafoundation.org/show_bug.cgi?id=5325#c5 but I am
>> copying it here:
>>
>> The major problem I see with disabling SSL for cosmo-demo is that it
>> exposes usernames and passwords, including the administrator account.
>> Many people recycle usernames and passwords, meaning that if a hacker
>> gets a hold of their login information on one service it is very  
>> likely
>> that they can use that information to break into other services.
>>
>> Of course, all tickets (including read-write) and all the data is also
>> exposed. Not using SSL also means that it is possible to re-route the
>> traffic to malicious servers (imagine syncing up and getting <insert
>> something illegal>).
>>
>>
>> We have plenty of contacts at Apple. I would like to see if there  
>> is any
>> hope in getting Apple to make a quick change to re-enable https  
>> before
>> we switch SSL off or providing unencrypted port for cosmo-demo.
>>
>> -- 
>>   Heikki Toivonen
>>
>>
>> _______________________________________________
>> cosmo-dev mailing list
>> cosmo-dev at lists.osafoundation.org
>> http://lists.osafoundation.org/mailman/listinfo/cosmo-dev
>
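The two points Heikki makes in the quoted message, that the secure and insecure URLs differ by a single letter and that whatever reaches the plaintext port is readable by anyone on the path, worked through as an added example. This is not Cosmo's code: the hostname, the ticket-as-query-parameter form, the use of HTTP Basic for the login, the sample credentials and the 403/301 policy are all assumptions made for illustration. The policy function shows the one non-obvious consequence for a server that keeps port 80 open: a plaintext request that already carries a ticket or a password cannot be rescued by redirecting it to https, because the secret was on the wire before the redirect was sent.

```python
import base64
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Constructed sample data: host, path, ticket value and login are made up.
SECURE_URL = "https://cosmo-demo.example.org/cosmo/home/alice/calendar?ticket=a1b2c3d4"
SAMPLE_BASIC = "Basic YWxpY2U6aHVudGVyMg=="  # base64 of "alice:hunter2"


def downgrade(url: str) -> str:
    """Apply the one-character change the thread describes: https -> http."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return url
    return urlunsplit(("http", parts.netloc, parts.path, parts.query, parts.fragment))


def exposed_on_the_wire(url: str, authorization: Optional[str] = None) -> Dict[str, str]:
    """What a passive on-path observer learns if this request goes out as written.

    Assumes (for this example) that the share ticket travels as a ?ticket=
    query parameter and that the login is sent as an HTTP Basic header.
    """
    parts = urlsplit(url)
    if parts.scheme == "https":
        return {}  # TLS hides path, query string and headers from the observer
    exposed: Dict[str, str] = {}
    ticket = parse_qs(parts.query).get("ticket")
    if ticket:
        exposed["ticket"] = ticket[0]
    if authorization and authorization.startswith("Basic "):
        user, _, password = base64.b64decode(authorization[6:]).decode().partition(":")
        exposed["username"] = user
        exposed["password"] = password
    return exposed


def plaintext_port_policy(scheme: str, query: str,
                          authorization: Optional[str]) -> Tuple[int, str]:
    """Decide what a server that keeps the plaintext port open should answer.

    Returns (HTTP status, reason).  A plain-http request that already carries
    a ticket or an Authorization header has leaked it before the server can
    say anything, so redirecting it to https would only hide the mistake;
    refusing it makes the sender notice the URL is wrong.  A plain-http
    request without any secret can safely be redirected, nothing was lost.
    """
    if scheme == "https":
        return 200, "serve"
    carries_secret = "ticket" in parse_qs(query) or bool(authorization)
    if carries_secret:
        return 403, "secret already sent in the clear; refuse, do not redirect"
    return 301, "redirect to https; nothing sensitive was sent yet"


if __name__ == "__main__":
    insecure = downgrade(SECURE_URL)
    print(insecure)
    print(exposed_on_the_wire(insecure, SAMPLE_BASIC))
    print(plaintext_port_policy("http", urlsplit(insecure).query, None))
```

Run stand-alone it prints the downgraded URL, the ticket and login an observer would read from it, and the 403 the policy returns for that request; the same functions are what a server-side filter for the plaintext port would wrap.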