Skip to content


[] (0) Remove the http+aes: feature due to lack of interest. If you'r…
Browse files Browse the repository at this point in the history
…e an implementor and _are_ interested, let me know, I'd be happy to put it back and maintain it.

Affected topics: HTML, HTML Syntax and Parsing, Security

git-svn-id: 340c8d12-0b0e-0410-8428-c7bf67bfef74
  • Loading branch information
Hixie committed Oct 5, 2012
1 parent 14abda1 commit 7364c6f
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 433 deletions.
145 changes: 4 additions & 141 deletions complete.html
Original file line number Diff line number Diff line change
Expand Up @@ -249,7 +249,7 @@

<header class=head id=head><p><a class=logo href=><img alt=WHATWG height=101 src=/images/logo width=101></a></p>
<hgroup><h1 class=allcaps>HTML</h1>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 3 October 2012</h2>
<h2 class="no-num no-toc">Living Standard &mdash; Last Updated 5 October 2012</h2>
</hgroup><dl><dt><strong>Web developer edition:</strong></dt>
<dd><strong><a href=></a></strong></dd>
<dt>Multiple-page version:</dt>
Expand Down Expand Up @@ -1357,9 +1357,7 @@ <h2 class="no-num no-toc">Living Standard &mdash; Last Updated 3 October 2012</h
<li><a href=#application/microdata+json><span class=secno>16.7 </span><code>application/microdata+json</code></a></li>
<li><a href=#ping-from><span class=secno>16.8 </span><code>Ping-From</code></a></li>
<li><a href=#ping-to><span class=secno>16.9 </span><code>Ping-To</code></a></li>
<li><a href=#http+aes-scheme><span class=secno>16.10 </span><code>http+aes</code> scheme</a></li>
<li><a href=#https+aes-scheme><span class=secno>16.11 </span><code>https+aes</code> scheme</a></li>
<li><a href=#web+-scheme-prefix><span class=secno>16.12 </span><code>web+</code> scheme prefix</a></ol></li>
<li><a href=#web+-scheme-prefix><span class=secno>16.10 </span><code>web+</code> scheme prefix</a></ol></li>
<li><a class=no-num href=#index>Index</a>
<li><a class=no-num href=#elements-1>Elements</a></li>
Expand Down Expand Up @@ -1610,7 +1608,6 @@ <h6 class=no-toc id=how-do-the-whatwg-and-w3c-specifications-differ?><span class
<li>The <code title=dom-document-cssElementMap><a href=#dom-document-csselementmap>cssElementMap</a></code> feature for defining <a href=#css-element-reference-identifier title="CSS element reference identifier">CSS element reference identifiers</a>.</li> <!--CSSREF-->
<li>Some predefined <a href=#mdvocabs>Microdata vocabularies</a>.</li>
<li>The <code><a href=#the-data-element>data</a></code> element for marking up machine-readable data.</li><!--DATA--><!--FORK-->
<li>The <code title=scheme-http+aes><a href=#http+aes-scheme>http+aes:</a></code> and <code title=scheme-http+aes><a href=#http+aes-scheme>https+aes:</a></code> schemes.</li><!--FORK-->
<li>The <a href=#application-cache>application cache</a> feature's <a href=#concept-appcache-mode-prefer-online title=concept-appcache-mode-prefer-online>prefer-online</a> mode.</li><!--FORK--><!--APPCACHE-PREFER-ONLINE-->
<li>The <code title=dom-TextTrack-inBandMetadataTrackDispatchType><a href=#dom-texttrack-inbandmetadatatrackdispatchtype>TextTrack.inBandMetadataTrackDispatchType</a></code> feature for Internet-based TV broadcast.</li>
<li>HD variants of the <code><a href=#imagedata>ImageData</a></code> API methods.</li>
Expand Down Expand Up @@ -96816,7 +96813,7 @@ <h3 id=writing-xhtml-documents><span class=secno>13.1 </span>Writing XHTML docum
<p>XML documents may contain a <code>DOCTYPE</code> if desired, but
this is not required to conform to this specification. This
specification does not define a public or system identifier, nor
provide a format DTD.</p>
provide a formal DTD.</p>

<p class=note>According to the XML specification, XML processors
are not guaranteed to process the external DTD subset referenced in
Expand Down Expand Up @@ -102058,141 +102055,7 @@ <h3 id=ping-from><span class=secno>16.8 </span><dfn title=http-ping-from><code>P
<dt>Related information:</dt>
</dl><!--PING--><!--FORK--><h3 id=http+aes-scheme><span class=secno>16.10 </span><dfn title=scheme-http+aes><code>http+aes</code> scheme</dfn></h3>

<p>This section describes a URL scheme registration for the IANA URI
scheme registry. <a href=#refsRFC4395>[RFC4395]</a></p>

<dl><dt>URI scheme name:</dt>
<dd><code title="">http+aes</code></dd>
<dt>URI scheme syntax:</dt>
<dd>Same as <code title="">http</code>, with the <code title="">userinfo</code> component instead used for specifying the
decryption key. (This key is provided in the form of 16, 24, or 32
bytes encoded as ASCII and escaped as necessary using the URL
escape mechanism; it is not in the "username:password" form, and
the ":" character is not special in this component when using this
<dt>URI scheme semantics:</dt>
<dd>Same as <code title="">http</code>, except that the message
body must be decrypted by applying the AES-CTR algorithm using the
key specified in the URL's <code title="">userinfo</code>
component, after unescaping it from the URL syntax to bytes, and
using a zero nonce. If there is no such component, or if that
component, when unescaped from the URL syntax to bytes, does not
consist of exactly 16, 24, or 32 bytes, then the user agent must
act as if the resource could not be obtained due to a network
error, and may report the problem to the user.</dd>
<dt>Encoding considerations:</dt>
<dd>Same as <code title="">http</code>, but the <code title="">userinfo</code> component represents bytes encoded using
ASCII and the URL escape mechanism.</dd>
<dt>Applications/protocols that use this URI scheme name:</dt>
<dd>Same as <code title="">http</code>.</dd>
<dt>Interoperability considerations:</dt>
<dd>Same as <code title="">http</code>, but specifically for
private resources that are hosted by untrusted intermediary servers
as in a content delivery network.</dd>
<dt>Security considerations:</dt>
<p>URLs using this scheme contain sensitive information (the key
used to decrypt the referenced content) and as such should be
handled with care, e.g. only sent over TLS-encrypted connections,
and only sent to users who are authorized to access the encrypted
<p>User agents are encouraged to not show the key in user
interface elements where the URL is displayed: first, it's ugly
and not useful to the user; and second, it could be used to
obscure the domain name.</p>
<p>The <code title="">http+aes</code> URL scheme only enables the
<em>content</em> of a particular resource to be encrypted. Any
sensitive information held in HTTP headers is still transmitted in
the clear. The length of the resource is still visible. The rate
at which the data is transmitted is also unobscured. The name of
the resource is not hidden. If this scheme is used to obscure
private information, it is important to consider how these side
channels might leak information.</p>
<p class=example>For example, the length of a file containing
only the user's age in seconds encoded in ASCII would easily let
an attacker watching the network traffic or with access to the
system hosting the files determine if the user was less than 3
years old, less than 30 years old, or more than 30 years old, just
from the length of the file. Padding the file to ten digits
(either with trailing spaces or leading zeros) would make all ages
from zero to three hundred indistinguishable.</p>
<p class=example>Another example would be the file name.
Consider a bank where each user first downloads a "data.json"
file, which points to some other files for more data, such that
users in debt download a "debt.json" file while users in credit
download a "credit.json" file. In such a scenario, users can be
categorised by an attacker watching network traffic or with access
to the system hosting the files without the attacker ever having
to decrypt the "data.json" files.</p>
<p>Each resource encrypted in this fashion must use a fresh key.
Otherwise, an attacker can use commonalities in the resources'
plaintexts to determine the key and decrypt all the resources
sharing a key.</p>
<p>Authors should take care not to embed arbitrary content from
the same site using the same scheme, as all content using the
<code title="">http+aes</code> scheme on the same host (and same
port) shares the same <a href=#origin>origin</a> and can therefore leak
the keys of any other content also opened at that origin. This
problem can be mitigated using the <code><a href=#the-iframe-element>iframe</a></code> element and
the <code title=attr-iframe-sandbox><a href=#attr-iframe-sandbox>sandbox</a></code>
attribute to embed such content.</p>
<p>The security considerations that apply to <code title="">http</code> apply as well.</p>
<dd>Ian Hickson &lt;;</dd>
<dt>Author/Change controller:</dt>
<dd>Ian Hickson &lt;;</dd>
The <code title="">http</code> URL scheme is defined in:
<a href=></a>
</dl><h3 id=https+aes-scheme><span class=secno>16.11 </span><dfn title=scheme-https+aes><code>https+aes</code> scheme</dfn></h3>

<p>This section describes a URL scheme registration for the IANA URI
scheme registry. <a href=#refsRFC4395>[RFC4395]</a></p>

<dl><dt>URI scheme name:</dt>
<dd><code title="">https+aes</code></dd>
<dt>URI scheme syntax:</dt>
<dd>Same as <code title="">http+aes</code>.</dd>
<dt>URI scheme semantics:</dt>
<dd>Same as <code title="">http+aes</code>, but using HTTP over TLS
(as in, HTTPS) instead of HTTP, and defaulting to the HTTPS port
instead of HTTP's port.</dd>
<dt>Encoding considerations:</dt>
<dd>Same as <code title="">http+aes</code>.</dd>
<dt>Applications/protocols that use this URI scheme name:</dt>
<dd>Same as <code title="">https</code>.</dd>
<dt>Interoperability considerations:</dt>
<dd>Same as <code title="">https</code>, but specifically for
private resources that are hosted by untrusted intermediary servers
as in a content delivery network.</dd>
<dt>Security considerations:</dt>
<p>The security considerations that apply to <code title="">http+aes</code> and <code title="">https</code> apply as
<dd>Ian Hickson &lt;;</dd>
<dt>Author/Change controller:</dt>
<dd>Ian Hickson &lt;;</dd>
The <code title="">https</code> URL scheme is defined in:
<a href=></a>
</dl><h3 id=web+-scheme-prefix><span class=secno>16.12 </span><dfn title=scheme-web><code>web+</code> scheme prefix</dfn></h3>
</dl><h3 id=web+-scheme-prefix><span class=secno>16.10 </span><dfn title=scheme-web><code>web+</code> scheme prefix</dfn></h3>

<p>This section describes a convention for use with the IANA URI
scheme registry. It does not itself register a specific scheme. <a href=#refsRFC4395>[RFC4395]</a></p>
Expand Down

0 comments on commit 7364c6f

Please sign in to comment.