Shen: A Security Scheme for the World Wide Web
Encryption Mechanisms
It is to be expected that any data transmitted in encrypted form is
likely to be stored in encrypted form also. In the case of servers this
may be considered advisable, in the case of clients this may be
considered mandatory.
HTTP header lines are used for both potentialy confidential data
such as content type information and information required by the
protocol. In addition when a message passes through a gateway or proxy
it may be necessary to modify header items or incorporate additional
ones.
Summary of Tags
The tag Proc-Type: 4 tag is implicit in the HTTP/1.1
version identifier. The Proc-Type tag may not be used to
override the PEM version nummber. The keys MIC-only and MIC-clear are
redundant since the content encoding may be given separately.
- Date:Weekday, DD-Mon-YY HH:MM:SS GMT
- All authentificated messages should be dated to guard against
replay type attacks. The recipient should check that the date is within
permitted limits. Note that the timezone GMT is mandatory. This field
should not be encrypted since the server may wish to perform checking on
this field prior to decryption as a guard against denial of service type
attacks.
- Originator-ID-Symmetric uuencoded..recipient..id
-
- Originator-ID-Asymmetric uuencoded..recipient..id
-
- Recipient-ID-Asymmetric uuencoded..recipient..id
-
- MIC-Info RSA-MD5, RSA, uuencoded..signature===
- Contains a message digest of the body of the message signed with
the secret component of the issuers signature key.
- Originator-Certificate
-
- Issuer-Certificate
-
- DEK-Info: DES-CBC,hexadecimalparameter
- Key and parameters for the encryption algorithm used.
- Key-Info RSA, uuencoded..encrypted..session.key...==
- The session key in uuencoded form encrypted with the public key of
the preceeding recipient id.
The following tags have been added.
- Prohibit: [cache] [storage] [modification]
- Explicitly forbids caching, modification or storage of the data.
- Authorized-Role: rolename [,rolename]
- Specifies that the sender claims the stated role names. Such
claims should not be accepted as valid unless certified as such by the
signature of an authorised garantor.
- MIC-Head:
- MIC signature of message head up to an including the CRLF pair
preceeding this header item. All MIC elements are evaluated within the
scope. If multiple MIC-Head elements are used the boundaries of each
one will be different.
- Secret-Header: [parameter]
- The parameter contains a series of encrypted header items. The
items should be decrypted and the decrypted text read as if they were
ordinary headers placed at that point. the substitution should hold for
all purposes except the calculation of MIC digests which shall used the
original encoded form..
- Anonymous-ID : session_id, thread, serial
- The session_id is a secure cryptographic hash of a number of
parameters guaranteed (bar random chance) to provide a unique session
identified. The serial number is guaranteed to increase monotonically
for a given thread and session id value pair.
- Digest-Boundary: [parameter]
- Calculate digest boundaries from the current line. This tag allows
the calculation of seaprate digests for parts of the header generated
separately. An optional parameter may be used to prime the digest with
a randomly generated value.
Summary of Responses
- 405 Out of time.
- In order to facilitate the debugging of problems due to baddly
matched clocks on communicating machines the out of time response may be
issued instead of 401 Unauthorized. Such a response should have a header
with a Date: field with the server time value.
Phillip M. Hallam-Baker CERN Programming Techniques Group
hallam@alws.cern.ch Version 1.0R1