[Chandler-dev] Re: [Cosmo-dev] Re: [Dev] Re: [Cosmo] Apple iCal & cosmo-demo

Mimi Yin mimi at osafoundation.org
Wed Mar 15 14:06:32 PST 2006 

Hi Heikki,

I think the UI problem we face is how do we communicate to the user  
to do that?

Chandler user sends an URL to an iCal user:

A) How does the Chandler user know which URL to send. Can they send  
either read-only or read-write? Or do both work?

B) iCAL user receives URL, has never heard of Chandler. How will iCAL  
user know to remove the "s"?

I think our over-arching goal is still to Get Users. We think  
interoperability is on the critical path to getting users. iCal is  
the only calendar client we interoperate with today.

I don't have an opinion on turning off HTTPS. For some people,  
security will be more important than interoperating with iCal. For  
others it won't be. But I think we can come up with a solution that  
makes iCal interoperability discoverable without putting people's  
data at risk.

Mimi :o)

On Mar 15, 2006, at 1:36 PM, Heikki Toivonen wrote:

> Mimi Yin wrote:
>> Is it a security boo-boo to have the HTTP port open at all on
>> cosmo-demo? Or is it only a security risk once you've handed out the
>> HTTP URL/ticket?
>>
>> What I'm getting at is: Can we leave it up to the user to decide  
>> whether
>> they want to share with iCal users bad enough that they don't care  
>> about
>> doing it via a secure port? (It is our single usable/testable interop
>> scenario and probably will be for a while.)
>
> If the goal is to have no code changes in Cosmo, it seems like the  
> URLs
> would only differ in one 's' letter - http and https. So even if you
> gave an https URL to someone else, they would be able to simply  
> take out
> the 's' and it would work. So in that sense it makes the SSL almost
> irrelevant since anyone who gets a secure URL can make it insecure
> either deliberately or by accident.
>
> I mentioned why taking SSL out is bad in
> https://bugzilla.osafoundation.org/show_bug.cgi?id=5325#c5 but I am
> copying it here:
>
> The major problem I see with disabling SSL for cosmo-demo is that it
> exposes usernames and passwords, including the administrator account.
> Many people recycle usernames and passwords, meaning that if a hacker
> gets a hold of their login information on one service it is very  
> likely
> that they can use that information to break into other services.
>
> Of course, all tickets (inluding read-write) and all the data is also
> exposed. Not using SSL also means that it is possible to re-route the
> traffic to malicious servers (imagine syncing up and getting <insert
> something illegal>).
>
>
> We have plenty of contacts at Apple. I would like to see if there  
> is any
> hope in getting Apple to make a quick change to re-enable https before
> we switch SSL off or providing unencrypted port for cosmo-demo.
>
> -- 
>   Heikki Toivonen
>
>
> _______________________________________________
> cosmo-dev mailing list
> cosmo-dev at lists.osafoundation.org
> http://lists.osafoundation.org/mailman/listinfo/cosmo-dev

More information about the cosmo-dev mailing list