<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	>
<channel>
	<title>  Security &amp; Privacy</title>
	<link>http://security-privacy.indelv.com</link>
	<description>Web Standards News &#187; Security &amp; Privacy</description>
	<pubDate>Mon, 28 Dec 2009 06:24:18 +0000</pubDate>
	<language>en</language>
			<item>
		<title>Can PICS be used for more than just content filtering?</title>
		<link>http://security-privacy.indelv.com/can-pics-be-used-for-more-than-just-content-filtering.html</link>
		<pubDate>Sat, 17 May 2008 20:35:58 +0000</pubDate>
		<description><![CDATA[Yes. While the motivation for PICS was concern over children accessing inappropriate materials, it is a general &#8220;meta-data&#8221; system, meaning that labels can provide any kind of descriptive information about Internet materials. For example, a labeling vocabulary could indicate the literary quality of an item rather than its appropriateness for children. Most immediately, PICS labels [...]]]></description>
			<content:encoded><![CDATA[<p>Yes. While the motivation for PICS was concern over children accessing inappropriate materials, it is a general &#8220;meta-data&#8221; system, meaning that labels can provide any kind of descriptive information about Internet materials. For example, a labeling vocabulary could indicate the literary quality of an item rather than its appropriateness for children. Most immediately, PICS labels could help in finding particularly desirable materials (see, for example, NetShepherd&#8217;s label-informed Alta Vista search), and this is the main motivation for the ongoing work on a next generation label format that can include arbitrary text strings. More generally, the W3C is working to extend Web meta-data capabilities generally and is applying them specifically in the following projects:</p>
<h3>Digital Signature Project</h3>
<p>Coupling the ability to make assertions with a cryptographic signature block that ensures integrity and authenticity.</p>
<h3>Intellectual Property Rights Management</h3>
<p>Using a meta-data system to label Web resources with respect to their authors, owners, and rights management information.</p>
<h3>Privacy (P3)</h3>
<p>Using a meta-data system to allow sites to make assertions about their privacy practices, and for users to express their preferences for the type of interaction they want to have with those sites.</p>
<p>Regardless of content control, meta-data systems such as PICS are going to be an important part of the Web, because they enable more sophisticated commerce (build and manage trust relationships), communication, indexing, and searching services.</p>
<p>&#8220;The promise of digital commerce is that it will allow you to use the Internet to purchase the services of the best organic gardening advisors or mad cow disease specialists, whether they live in Santa Clara or Timbuktu. To do this, you need to do more than verify that the person at the other end of the wire is who he says he is. You need to assess competence, reliability, judgment. In other words, you need a system of branding, but applied much more widely for highly specialized and hard-to-evaluate services and products. You need value-added services that will not only lead you to the right product or service but also rate its quality or otherwise vouch for it.&#8221;</p>
]]></content:encoded>
			</item>
		<item>
		<title>Introduction to Composite Capabilities / Preferences Profile (CC/PP)</title>
		<link>http://security-privacy.indelv.com/introduction-to-composite-capabilities-preferences-profile-ccpp.html</link>
		<pubDate>Wed, 03 Oct 2007 06:26:45 +0000</pubDate>
		<description><![CDATA[CC/PP stands for Composite Capabilities/Preferences Profile, and is a system for expressing device capabilities and user preferences. With CC/PP, a user with a specific preference, or disability-related need can clarify that even though their browser handles millions of colours, they personally can only distinguish certain colours. Or, perhaps the user navigates exclusively with a keyboard [...]]]></description>
			<content:encoded><![CDATA[<p>CC/PP stands for Composite Capabilities/Preferences Profile, and is a system for expressing device capabilities and user preferences. With CC/PP, a user with a specific preference, or disability-related need can clarify that even though their browser handles millions of colours, they personally can only distinguish certain colours. Or, perhaps the user navigates exclusively with a keyboard or stylus.</p>
<h3>Why do we need CC/PP?</h3>
<p>With the growing popularity of ubiquitous Web devices spread across such a broad range of media and bandwidth, authoring for the Web can sometimes look like a very difficult equation to solve: how can a Web author provide cool multimedia Web content, while keeping that content small and simple enough for very basic devices?</p>
<p>Managing multiple devices is not a new problem, and even though the rapid growth of Web appliances beyond the familiar Web browser makes the challenge especially acute, a few solutions have been developed over the years.</p>
<p>Most of these solutions are based on content selection: the content is given in several equivalent variants, or has mechanisms to define alternative behaviour. Then, at the time the resource is served, either the server chooses which variant is most suitable, or the user agent decides what to do with the choices it is given.</p>
<p>This is easily achieved because user agents identify themselves to servers and scripting languages, and through specific features included in Web document languages:</p>
<ul>
<li>Server-driven content negotiation, as defined by HTTP,</li>
<li>On-the-fly content selection and presentation based on user agent detection, using scripting languages,</li>
<li>HTML object and link elements have mechanisms defining alternate behaviours,</li>
<li>SMIL (pronounced “smile”), the multimedia language for audio/visual content, has a switch element defining alternate elements to choose from, and can be used, for example, to choose some content based on available bandwidth,</li>
<li>CSS also has such a mechanism called Media Queries for selecting appropriate style sheets.</li>
</ul>
<p><a rel="nofollow" href="http://www.webstandards.org/learn/articles/askw3c/feb2004/" title="Webstandards.org" target="_blank">Read more on the shortcomings of current methods on Web Standards</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>A Webmaster&#8217;s Guide to Troubleshooting P3P</title>
		<link>http://security-privacy.indelv.com/a-webmasters-guide-to-troubleshooting-p3p.html</link>
		<pubDate>Mon, 01 Oct 2007 20:19:47 +0000</pubDate>
		<description><![CDATA[The www-p3p-policy mailing list gets a steady stream of messages from frustrated Webmasters who are trying to P3P-enable their Web sites and have run into difficulties. In some cases these Webmasters do not understand fundamental concepts about how P3P works. However, in many cases they actually have come pretty close to successfully P3P-enabling their [...]]]></description>
			<content:encoded><![CDATA[<p>The www-p3p-policy mailing list gets a steady stream of messages from frustrated Webmasters who are trying to P3P-enable their Web sites and have run into difficulties. In some cases these Webmasters do not understand fundamental concepts about how P3P works. However, in many cases they actually have come pretty close to successfully P3P-enabling their sites, but something is still not quite right. In this article I review some troubleshooting strategies and list some of the frequent mistakes I have seen people make. For more detail about the entire process of P3P-enabling a Web site as well as examples of how to write policies that cover a variety of common Web site scenarios, check out my book, Web Privacy with P3P.</p>
<h3>Test, Test, Test</h3>
<p>The first thing you should do after P3P-enabling a Web site is to test it to make sure your P3P implementation is correct and that it works. This should be done using the W3C&#8217;s P3P Validator and using at least one P3P user agent.</p>
<p>You can use the P3P Validator to check to make sure your P3P files are syntactically correct and placed in the appropriate location on your Web server. If the validator reports any errors, read them carefully, and work through them one at a time until you get a successful validation report. Unfortunately, bugs are still being found in the validator from time to time, so in some rare cases, valid sites do not validate, or errors are not caught. Therefore it is a good idea to review the list of known bugs on the validator Web site and check to see if any of them may be applicable to you. If you have configured your Web server to issue P3P headers, you need to make sure that your server is actually issuing those headers. The validator report will indicate whether or not the validator received any valid P3P headers from your Web site.</p>
<p>Once you have validated your site, you should test it with at least one P3P user agent, and, if possible, with all P3P user agents that visitors to your site might be using. Right now I would advise that Webmasters test their P3P implementations using IE6, Netscape 7, and the AT&amp;T Privacy Bird. The first thing to test with all three of these P3P user agents is whether they can produce a human-readable summary of your site&#8217;s P3P policy. You can get that summary with Privacy Bird by clicking on the bird and selecting Policy Summary from the About This Site menu. IE6 will produce a policy summary if you select Privacy Report from the View menu. In Netscape 7 you will need to go to the View menu, select Page Info, go to the Privacy tab, and click on the Summary button.</p>
<p>Besides verifying that all three user agents can produce a policy summary, you should also read the summaries and make sure they accurately reflect your privacy policy. This is a good way to spot any errors you may have made when encoding your privacy policy in XML. While we have found some rare cases where valid P3P policies are not properly displayed, or not displayed at all by one or more P3P user agents, generally, if your policy does not display properly, it indicates there is something wrong with your policy. If you make changes to your policy, you may need to clear your browser&#8217;s cache or the Privacy Bird&#8217;s cache before you see an updated policy summary.</p>
<p>Read entire article on: <a rel="nofollow" href="http://www.oreillynet.com/pub/a/javascript/2002/11/19/p3p.html">http://www.oreillynet.com/pub/a/javascript/2002/11/19/p3p.html</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>Web Security Sourcebook</title>
		<link>http://security-privacy.indelv.com/web-security-sourcebook.html</link>
		<pubDate>Sat, 22 Sep 2007 21:05:54 +0000</pubDate>
		<description><![CDATA[Hackers who break into personal and corporate web sites are viewed by computer professionals and consumers as no less invasive than traditional home burglars. On the browser side, three computer security experts offer break-in deterrent tips via user passwords and IDs, anti-cookie, and advanced anonymity strategies. Server-side security entails firewalls, privacy-conscious Java applets, CGI scripts, and encrypted payment protocols/products. [...]]]></description>
			<content:encoded><![CDATA[<p>Hackers who break into personal and corporate web sites are viewed by computer professionals and consumers as no less invasive than traditional home burglars. On the browser side, three computer security experts offer break-in deterrent tips via user passwords and IDs, anti-cookie, and advanced anonymity strategies. Server-side security entails firewalls, privacy-conscious Java applets, CGI scripts, and encrypted payment protocols/products. An appendix deciphers cryptography basics. To further ensure that computer users don&#8217;t get caught in unsecured webs, the authors provide a companion web site.</p>
<h3>The technical tools and techniques for building secure Web sites and applications</h3>
<p>The Web has made it easier to transfer information around the world. It has also made it harder to keep that information secure. This book shows Web masters, Web managers, and Web designers the hands on programming techniques necessary to build secure Web sites. Readers will learn how to secure the server, use firewalls and cryptography, write secure Java applets and CGI scripts and more. Companion Web Site includes source code examples plus updates on the latest security threats and techniques.</p>
<h3>From the Back Cover</h3>
<p>&#8220;The authors . . . bring wide-ranging experience to this work, moving from theory to hands-on, bit-shoveling practical advice.&#8221; &#8211;Steven M. Bellovin</p>
<p>A serious security sourcebook for Web professionals and users. The front door is unlocked and wide open. The alarm&#8217;s not working and no one&#8217;s home. All of your valuables, money, and intimate details of your life are just sitting inside, waiting to be taken. No, it&#8217;s not your house . . . it&#8217;s your computer. The Web now penetrates every aspect of our lives, from the home PC to the business office. But with each advance in convenience comes a geometric increase in vulnerability to the integrity of data and software as well as to the confidentiality of information. Although the flaws inherent in the Web are real, solutions are available. Let Aviel Rubin, Daniel Geer, and Marcus Ranum give you the answers.</p>
<p>Here&#8217;s a book that&#8217;s valuable today and indispensable for the future. It includes basic and advanced techniques for client-side and server-side security, browser security, writing secure CGI scripts, firewalls, and secure e-commerce. There&#8217;s a special appendix that demystifies the complex world of cryptography. And the book comes with access to a dedicated Web site containing up-to-the-minute information on the latest security threats and solutions. So whether you&#8217;re a Webmaster trying to close the door on sites and applications, or an everyday user hoping to keep your desktop safe, this is your essential source on:</p>
<ul>
<li>Protecting and securing Web pages, search engines, servers, and browsers</li>
<li>Writing impregnable applets and scripts, and avoiding the dangers inherent in every language</li>
<li>Using (and abusing) firewalls and cryptographic controls</li>
<li>Securing commerce and payment transactions</li>
</ul>
<p>Source : <a rel="nofollow" href="http://avirubin.com/books/book1/">http://avirubin.com/books/book1/</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>PICS (Platform for Internet Content Selection)</title>
		<link>http://security-privacy.indelv.com/pics-platform-for-internet-content-selection.html</link>
		<pubDate>Tue, 28 Aug 2007 20:30:42 +0000</pubDate>
		<description><![CDATA[PICS is a pair of Protocols, allowing labels to be applied to WWW content. These Protocols empower any individual or organization to design and distribute labels reflecting their views about the content. PICS was pioneered by W3C as a practical alternative to global governmental censorship of the Internet. In addition, the same technology facilitates searching [...]]]></description>
			<content:encoded><![CDATA[<p>PICS is a pair of Protocols, allowing labels to be applied to WWW content. These Protocols empower any individual or organization to design and distribute labels reflecting their views about the content. PICS was pioneered by W3C as a practical alternative to global governmental censorship of the Internet. In addition, the same technology facilitates searching the WWW and provides a foundation for establishing trust in information on the WWW. PICS labels are rather limited in their expressiveness. A new version of PICS will be based on RDF, facilitating more complex labeling of resources.</p>
<h3>Lists of PICS-compatible products and services</h3>
<p>Technology Inventory [broken link as of July 2005]. Lorrie Cranor and Paul Resnick. This inventory was first distributed at the December 1997 Internet On-line Summit: Focus on Children. The on-line version was updated until the summer of 1999. It also lists some products and services that are not PICS-compatible.</p>
<p>The following resource lists are being maintained by members of the PICS developers&#8217; community. Contact the maintainer of each individual list with additional links.</p>
<ul>
<li>Client software [broken link as of July 2005] that reads PICS labels.</li>
<li>HTTP servers that distribute labels along with documents.</li>
<li>Proxy servers [broken link as of July 2005] that perform filtering based on PICSRules.</li>
<li>Label bureaus: HTTP servers that distribute third-party PICS labels through the PICS label bureau query protocol.</li>
<li>Rating services</li>
<li>Search engine that can use PICS labels in its selection criteria</li>
</ul>
<h3>Innovative Uses of PICS Labels</h3>
<p>The most common uses of PICS labels have been in filtering products that block access to certain materials based on labels associated with those materials. The technology inventory, however, identifies a range of other actions that can be taken based on labels: suggest, search, inform, monitor/log, and warn.</p>
<p>Source: <a rel="nofollow" href="http://www.w3.org/" title="W3C" target="_blank">W3C</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>Solving the Web Security Challenge</title>
		<link>http://security-privacy.indelv.com/solving-the-web-security-challenge.html</link>
		<pubDate>Fri, 24 Aug 2007 23:00:56 +0000</pubDate>
		<description><![CDATA[The Web, for better or worse, has arguably become the equivalent of a massive public agency. It is the repository for consumer information and services of the most sensitive and important nature, ranging from medical records to financial investments.
Web-based services are supplanting traditional desktop software at a blinding pace, taking over terabytes of personal data [...]]]></description>
			<content:encoded><![CDATA[<p>The Web, for better or worse, has arguably become the equivalent of a massive public agency. It is the repository for consumer information and services of the most sensitive and important nature, ranging from medical records to financial investments.</p>
<p>Web-based services are supplanting traditional desktop software at a blinding pace, taking over terabytes of personal data in the process. Unlimited e-mail storage and Web 2.0-style start-ups will accelerate that trend even more.</p>
<p>Yet access to those massive and indispensable resources is generally gated by a handful of large, profit-driven corporations. Microsoft, Google, Yahoo, America Online and other leading companies have largely built the services that much of the world has come to rely on in everyday life&#8211;making them, in effect, the guardians of our most sensitive information.</p>
<p>Which raises an obvious question: Is that a good idea? The most disturbing answer, if history is any guide, is that we may not have much of a choice.</p>
<p>It&#8217;s disturbing on many levels, but mostly because the industry is basically making up Web security as it goes along. As security executives from Microsoft, Google and Yahoo attest, the companies are in many cases adapting standard desktop security techniques to new Web applications. Sometimes that works; sometimes it doesn&#8217;t.</p>
<p>&#8220;Data is now available online, all the time,&#8221; said Billy Hoffman, lead researcher at Web security specialist SPI Dynamics. &#8220;It&#8217;s a great big target.&#8221;</p>
<p>Hoffman&#8217;s job is to understand where Web security breaks down. The way he sees it, the Big Three Web properties are doing a fairly good job with security, at least on the server end of the equation. The wild card is what happens to that data once it leaves the Googleplex, travels across the network, and gets cached on users&#8217; desktops.</p>
<p>Since 1999, more than 90 percent of all documents have been produced digitally; more than 42 percent of all U.S. Internet users have Web-based banking services; and more than 160 billion e-mail messages are sent daily, according to computer services firm CSC and other sources. As the data piles up, it becomes harder to secure bits flowing between servers and desktop Web applications, not to mention the additional complexity of mashups and other Web 2.0 technologies. Simultaneously, attacks are on the rise.</p>
<p>The bottom line is that we&#8217;re entering unexplored territory where an unprecedented number of people depend on a growing number of relatively new applications, some built with still-evolving technologies, to handle enormous amounts of personal data fragmented across a multiplicity of servers and networks worldwide. Against this daunting backdrop&#8211;and amid concerns over corporate control&#8211;calls for some kind of independent oversight are inevitable.</p>
<p>&#8220;We have information on security practices out there. The disconnect is that we don&#8217;t have an intermediary that says how these things apply to you as you build Web 2.0 or other applications,&#8221; Hoffman said. &#8220;Will a nonprofit or some other group arise that tries to publish standards? Probably. We definitely need a central clearing house of good information, because there is a lot of bad information out there.&#8221;</p>
<p><a rel="nofollow" href="http://news.com.com/2009-1002_3-6189437.html" title="News.com" target="_blank">Continue reading article on News.com</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>PICS headers in HTML</title>
		<link>http://security-privacy.indelv.com/pics-headers-in-html.html</link>
		<pubDate>Thu, 23 Aug 2007 21:29:04 +0000</pubDate>
		<description><![CDATA[PICS works by comparing PICS information from an HTML META tag or HTTP header with a rating file installed in the browser. Typically, the rating file is provided by a Rating Service, which also provides a script to generate PICS headers suitable for inclusion in a document.

PICS for Users (Parents and Educators)
PICS for Content Providers
Tools [...]]]></description>
			<content:encoded><![CDATA[<p>PICS works by comparing PICS information from an HTML META tag or HTTP header with a rating file installed in the browser. Typically, the rating file is provided by a Rating Service, which also provides a script to generate PICS headers suitable for inclusion in a document.</p>
<ul>
<li>PICS for Users (Parents and Educators)</li>
<li>PICS for Content Providers</li>
<li>Tools for Content Providers</li>
</ul>
<h3>PICS for Users</h3>
<p>While PICS is vendor- and platform-independent, the major browser currently with PICS support is Internet Explorer.</p>
<p>In Internet Explorer, the PICS settings are found under View &#8211;&gt; Options &#8211;&gt; Security: Content Advisor. Internet Explorer comes preloaded with the RSAC ratings file, which is usually located in C:\WINDOWS\System\Rsaci.rat. You should be able to view this file with Notepad or other text editor; the syntax is described here at W3.org.</p>
<h3>More than one ratings file can be installed</h3>
<p>To install a new ratings file, download the file from the ratings service (for example, VWP1.0.rat here) into the C:\WINDOWS\System directory (actually, it doesn&#8217;t matter where, but this is the default). It should have a .rat extension. Next, in Content Advisor &#8211;&gt; Settings &#8211;&gt; Advanced &#8211;&gt; Ratings Systems, select Add, then the new ratings file, then OK. Returning to the Content Advisor &#8211;&gt; Ratings menu, you will see entries for the new ratings scheme. Typically a list of topics is presented with a slider bar for each. Move the slider bar to the highest setting in each category you wish to be able to view. You should be able to contact the ratings service for more information by clicking the More Info button (for example, VWP1.0 here).</p>
<p>When the Content Advisor is enabled, you can select (in Settings &#8211;&gt; General) whether to allow viewing of unrated sites. If you select Yes, then only pages with a PICS rating exceeding your preset limits will be blocked. Unrated sites will not be blocked, no matter what their content.</p>
<p>If you select No, then only pages with a PICS rating can be viewed. If a page is rated with a scheme you do not have installed, you will see a message telling you how to contact the rating service. You should then receive instructions on downloading the ratings files; if not, try here at W3.org. If a page is rated with two schemes, and you have only one installed, you will not see any message. If you have both schemes installed, then the limits of both schemes must be met before a page can be viewed. A message will be shown explaining which limit(s) are exceeded. If the header for one scheme is invalid or has expired, but the other is valid, you will see no message (unless the ratings are over limit). If all the headers are invalid or expired, you will see a warning message.</p>
<p>At this time (IE version 3.0), only Web pages appear to be checked by Internet Explorer, though the PICS protocol may be applied to other media such as Usenet messages, IRC channels, chat rooms, etc. As a rating method, it is sufficiently flexible to be extended to other electronic media such as CD-ROMs, and conceivably audio CDs, television programs and the like.</p>
<h3>PICS for Content Developers</h3>
<p>For a content developer, installing PICS usually means running a PICS generator such as this one, and including the resulting META data in the document header.</p>
<p>PICS allows for generic and specific labels. Generic labels apply to any document whose URL begins with a specific string of characters. Specific labels apply only to a given file.</p>
<p>In version 3.0 of Internet Explorer, the browser first checks the document itself for PICS data, both as metadata in the document head and as an HTTP header. If this does not exist, it gets the homepage for the site (formed by stripping all path and file names from the URL) and checks that. It does not check for an index page in the current directory. Thus in Internet Explorer, specific labels override generic labels, and the only generic label is that of the homepage. Note that where a for option is used in declaring a generic label, the specified URL must match the one that the user sees. This may not always be the case when a server has more than one name, or is addressed by a short form from within the user&#8217;s domain.</p>
<h3>Using more than one rating service</h3>
<p>PICS labels may be concatenated, for instance:</p>
<pre><code>&lt;HTML&gt;&lt;HEAD&gt;&lt;TITLE&gt;Joes Bookstore&lt;/TITLE&gt;
&lt;META http-equiv="PICS-Label" content='(PICS-1.1
"http://www.service1.org/v1.0"
  labels on "1996.10.05T05:15-0500"
  for "http://www.my.org/etc/mypage.html"
  ratings (s 0 v 0 g 0)
"http://www.service2.org/v1.2"
  labels on "1996.10.05T08:15-0700"
  for "http://www.my.org/etc/mypage.html"
  ratings (com 2 edu 1)
)'&gt;
&lt;/HEAD&gt;</code></pre>
<p>Although HTML allows more than one META tag of one type, Internet Explorer does not currently support this.</p>
<p>Note that if the user has only one of the two schemes installed, no message will be generated as long as that scheme is under its limits (the second scheme will be ignored).</p>
<h3>Applying PICS headers to a non-HTML document</h3>
<p>It is possible to apply a PICS header to a file such as a movie, PDF or VRML file by generating an HTTP header. Some servers, such as Apache or CERN httpd, allow the use of a metafile attached to a document which contains extra HTTP headers not normally generated by the server. A header such as</p>
<pre><code>PICS-Label: (PICS-1.1 "http://www.service2.org/v1.2" r (s 0 v 0 g 0))</code></pre>
<p>may be specified. Internet Explorer does not appear to support this use inside a /cgi-bin/ directory, though. (A METAdata header may be generated instead).</p>
<h3>Tools</h3>
<ul>
<li>add-PICS.pl - Perl script to add/replace generic PICS METAdata</li>
<li>rat2html.pl - Perl script to generate an HTML form from a .rat ratings file (limited subset only)</li>
<li>mk-PICS.pl - Perl script to generate HTML METAdata and HTTP headers from the abovementioned form.</li>
</ul>
]]></content:encoded>
			</item>
		<item>
		<title>Web Standards Group Agrees to Digital Signatures</title>
		<link>http://security-privacy.indelv.com/web-standards-group-agrees-to-digital-signatures.html</link>
		<pubDate>Wed, 22 Aug 2007 06:51:59 +0000</pubDate>
		<description><![CDATA[OASIS, the Organization for the Advancement of Structured Information Standards that was formed in 1993 to oversee the development and adoption of standards for Internet business information exchange, has just completed the ratification of the Digital Signature Services (DSS) specification, version 1.0.
DSS was originally proposed back in 2002 when the organization first formed a technical [...]]]></description>
			<content:encoded><![CDATA[<p>OASIS, the Organization for the Advancement of Structured Information Standards that was formed in 1993 to oversee the development and adoption of standards for Internet business information exchange, has just completed the ratification of the Digital Signature Services (DSS) specification, version 1.0.</p>
<p>DSS was first proposed in 2002, when OASIS formed a technical committee to develop XML-based protocols for digital signatures and cryptographic timestamping in Web services transactions. The core protocol defines two operations: a client sends one or more documents to a server and receives back a signature over them, or sends documents together with an existing signature and receives an answer stating whether that signature verifies against the documents. The signature itself is carried either as an XML Signature or as a Base64-encoded CMS (Cryptographic Message Syntax) or PGP (Pretty Good Privacy) signature, and is wrapped, along with an optional timestamp and other optional elements, in an XML container.</p>
<p>The primary benefit of a standardized method for digital signatures is that web-based applications that need one, primarily e-commerce sites, can handle the task without writing custom code for each project. With an agreed-upon standard, a company can run signature services on a separate server or contract them out to a third party. OASIS says that the Universal Postal Union, a United Nations agency, collaborated in the development of the DSS standard and is now incorporating it into its Electronic Post Mark system, which is designed to facilitate international commerce by standardizing document and information exchange.</p>
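<p>The sign-and-verify exchange described above, as an added example that is neither the original article's nor the OASIS specification's code: a Go program in which the client marshals a DSS-style SignRequest, the responder answers with a SignResponse carrying a Base64 signature and a timestamp, and a later VerifyRequest over the same (or altered) documents yields a Result. The element and result-URI names follow the DSS 1.0 core schema as recalled here, but the structs are a deliberately small subset of it rather than a schema binding; Ed25519 stands in for the CMS or PGP signature format a real responder would produce, and the timestamp is plain RFC 3339 text rather than a timestamping-authority token. All of that is assumed for illustration, and the sample document is constructed.</p>

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/xml"
	"fmt"
	"strings"
	"time"
)

// Element names and result URIs follow the DSS 1.0 core schema as this example's
// author recalls it; the structs are an illustrative subset, not a full binding.
const (
	success    = "urn:oasis:names:tc:dss:1.0:resultmajor:Success"
	reqError   = "urn:oasis:names:tc:dss:1.0:resultmajor:RequesterError"
	sigValid   = "urn:oasis:names:tc:dss:1.0:resultminor:valid:signature:OnAllDocuments"
	sigInvalid = "urn:oasis:names:tc:dss:1.0:resultminor:invalid:IncorrectSignature"
)

func Name(local string) xml.Name {
	return xml.Name{Space: "urn:oasis:names:tc:dss:1.0:core:schema", Local: local}
}

type Document struct {
	Base64Data string `xml:"Base64Data"`
}
type SignatureObject struct {
	Base64Signature string `xml:"Base64Signature"`
	Timestamp       string `xml:"Timestamp"` // RFC 3339 text; a real responder embeds a timestamp token
}

// Request stands for SignRequest or VerifyRequest, Response for the matching reply.
type Request struct {
	XMLName xml.Name
	Docs    []Document       `xml:"InputDocuments>Document"`
	Sig     *SignatureObject `xml:"SignatureObject,omitempty"`
}
type Response struct {
	XMLName     xml.Name
	ResultMajor string           `xml:"Result>ResultMajor"`
	ResultMinor string           `xml:"Result>ResultMinor,omitempty"`
	Sig         *SignatureObject `xml:"SignatureObject,omitempty"`
}

// Server is the responder; Ed25519 stands in for CMS or PGP signatures (assumption).
type Server struct{ priv ed25519.PrivateKey }

// toBeSigned binds the timestamp and every document in order. Each document is
// length-prefixed, so moving bytes from one into the next changes the signed value.
func toBeSigned(docs []Document, ts string) ([]byte, error) {
	buf := []byte(ts)
	for i, d := range docs {
		raw, err := base64.StdEncoding.DecodeString(d.Base64Data)
		if err != nil {
			return nil, fmt.Errorf("document %d: %w", i, err)
		}
		buf = append(append(buf, fmt.Sprintf("|%d:", len(raw))...), raw...)
	}
	return buf, nil
}

// Handle takes one request as XML and answers with XML. ResultMajor says whether
// the request could be processed; for a VerifyRequest, ResultMinor says whether
// the signature held on all documents.
func (s *Server) Handle(reqXML []byte) ([]byte, error) {
	var req Request
	if err := xml.Unmarshal(reqXML, &req); err != nil {
		return nil, err
	}
	kind := strings.TrimSuffix(req.XMLName.Local, "Request")
	resp := Response{XMLName: Name(kind + "Response"), ResultMajor: reqError}
	switch {
	case kind == "Sign":
		ts := time.Now().UTC().Format(time.RFC3339)
		if msg, err := toBeSigned(req.Docs, ts); err == nil {
			sig := base64.StdEncoding.EncodeToString(ed25519.Sign(s.priv, msg))
			resp.ResultMajor, resp.Sig = success, &SignatureObject{sig, ts}
		}
	case kind == "Verify" && req.Sig != nil:
		msg, err := toBeSigned(req.Docs, req.Sig.Timestamp)
		raw, err2 := base64.StdEncoding.DecodeString(req.Sig.Base64Signature)
		if err == nil && err2 == nil {
			resp.ResultMajor, resp.ResultMinor = success, sigInvalid
			if ed25519.Verify(s.priv.Public().(ed25519.PublicKey), msg, raw) {
				resp.ResultMinor = sigValid
			}
		}
	}
	return xml.Marshal(resp)
}

func main() {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	s := &Server{priv}
	docs := []Document{{base64.StdEncoding.EncodeToString([]byte("pay 100 EUR"))}} // constructed sample
	reqXML, _ := xml.Marshal(Request{XMLName: Name("SignRequest"), Docs: docs})
	respXML, _ := s.Handle(reqXML)
	fmt.Printf("%s\n%s\n", reqXML, respXML) // both messages as they travel on the wire
}
```

<p>The part worth copying is how the responder binds several input documents to one signature: each document is length-prefixed before signing, so moving bytes across a document boundary or reordering the documents changes the signed value and fails verification, which a naive concatenation of the documents would not catch. A VerifyRequest that omits the SignatureObject, or carries undecodable Base64, is answered with RequesterError rather than a verdict.</p>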
<p><a rel="nofollow" href="http://arstechnica.com/news.ars/post/20070610-web-standards-group-gives-nod-to-digital-signatures.html" title="Ars Technica" target="_blank">Continue reading this article on Ars Technica</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>Firefox, the Browser of the Future?</title>
		<link>http://security-privacy.indelv.com/firefox-the-browser-of-the-future.html</link>
		<pubDate>Wed, 22 Aug 2007 06:33:21 +0000</pubDate>
		<description><![CDATA[As developers, the evolution of web browsers is something we&#8217;re all concerned about. How are they the same? How do they differ? Who&#8217;s winning the so-called browser war? What about security? Web standards? Just what are the current statistics in this world of browser madness? Does any one browser have an advantage over the others? [...]]]></description>
			<content:encoded><![CDATA[<p>As developers, the evolution of web browsers is something we&#8217;re all concerned about. How are they the same? How do they differ? Who&#8217;s winning the so-called browser war? What about security? Web standards? Just what are the current statistics in this world of browser madness? Does any one browser have an advantage over the others? With these questions in mind, we spoke to Chris Hofmann, Director of Engineering of the Mozilla Foundation, and asked him about Firefox and where it&#8217;s headed.According to W3Schools&#8211;which admits that its audience is more browser-biased than other, more general sites&#8211;MSIE users account for 63.5 percent of users, while Firefox has substantially moved up in the world, accounting for 26.3 percent of users. Netscape users account for slightly less than 1 percent, and Opera users account for another 1.8 percent of users (leaving 7.5 percent of users unaccounted for). You can check the W3School&#8217;s stats yourself <a rel="nofollow" href="http://www.w3schools.com/browsers/browsers_stats.asp">here</a>. Our own stats show that Firefox has captured <a rel="nofollow" href="http://www.webreference.com/stats/browser.html">a total of 19.53%</a> of the market, an impressive increase from past months.</p>
<p>As noted above, Firefox is making great strides when it comes to its user base. Many developers are actively promoting the use of Firefox, whether it&#8217;s by developing sites specifically for the browser, or encouraging users to download it and give it a try, promoting it as a more secure alternative to MSIE. So what&#8217;s so special about this browser?</p>
<h3>Firefox Security</h3>
<p>We asked Chris what he sees as the single most important feature for a web browser. He explained: &#8220;Most people try out Firefox because they have heard it provides a solution for the many security and privacy problems they have encountered with Internet Explorer. AOL and Earthlink studies reported in a US congressional hearing showed that as many as 80% of [Microsoft] Windows and Internet Explorer (IE) users have been impacted by Spyware, Adware, Viruses and Security Exploits that have been tied to Windows and IE. Kim Komando of USA Today has a good <a rel="nofollow" href="http://www.usatoday.com/tech/columnist/kimkomando/2005-06-27-komando_x.htm">recent write-up</a> of how users are affected. Firefox does not provide or support ActiveX or the complex security zone model that is built into IE.&#8221;</p>
<p>When asked why they don&#8217;t support ActiveX, Chris replied: &#8220;Firefox doesn&#8217;t provide support for proprietary technologies such as ActiveX and the Microsoft Security Zone model [because] these two features set up the possibility for the silent download, installation, and execution of remote code as a feature of the browser. It&#8217;s a powerful feature that web developers can take advantage of, but has also proven to be a feature that is prone to security and privacy problems. In the late 1990&#8217;s, security experts warned of the potential problems with ActiveX and security zones. <a rel="nofollow" href="http://www.networkmagazine.com/article/NMG20020701S0007">This article</a> published in 2002 about the most &#8216;Dangerous Software Ever Written&#8217; highlighted many of the problems that have recently been exposed as security exploits. It wasn&#8217;t until six months later that Microsoft announced their &#8216;Trusted Computing Initiative.&#8217; 18 months after that, Microsoft provided the first steps toward securing problems in IE with the release of Windows XP Service Pack 2.&#8221;</p>
<p>&#8220;The different approach taken on the Mozilla Project is to keep users in control and aware of dangerous actions like downloading, installation, and execution of remote code. We also think it is important to engage security experts on the Mozilla project (any security researcher can download all the code), encourage security research (we offer $500 bug bounties to encourage research), and to act quickly on the feedback we get from these experts. A <a rel="nofollow" href="http://bcheck.scanit.be/bcheck/page.php?name=stats2004">study</a> by scanit.be (an independent security research firm) shows the dramatic difference in response time and the ability to stay on top of security problems between Microsoft and the Mozilla Project.&#8221;</p>
<p><a rel="nofollow" href="http://www.webreference.com/programming/firefox/index.html" title="Webreference Website" target="_blank">Continue to read article on Webreference.</a></p>
]]></content:encoded>
			</item>
		<item>
		<title>CC/PP - DTPP</title>
		<link>http://security-privacy.indelv.com/.html</link>
		<pubDate>Tue, 30 Nov 1999 00:00:00 +0000</pubDate>
		<description><![CDATA[CC/PP : Description Format &#38; Exchange Protocol
At the moment, we have a useful description format in development by the W3C for composite capabilities/Preference Profiles. These profiles will hopefully enable us to deliver a content-specific Internet for the near future. However, at the moment we are missing the key link; which this document will hopefully start [...]]]></description>
			<content:encoded><![CDATA[<p>CC/PP : Description Format &amp; Exchange Protocol</p>
<p>At the moment, we have a useful description format in development by the W3C for Composite Capabilities/Preference Profiles. These profiles will hopefully enable us to deliver content tailored to each client in the near future. However, at the moment we are missing the key link, which this document will hopefully start to fill in.</p>
<p>The CC/PP Description Format (Vocabulary and Structure) provides a format for preference profiles. These profiles define many characteristics through the use of RDF and RDF Schema. As this is still in development it would be premature to leap ahead, but we at least need to get started on the next two stages of CC/PP: a protocol, and an implementation system. As you will know, a protocol is starting to be developed, championed by Johan Hjelm. The CC/PP exchange protocol specifies a means for transferring CC/PP DF information between servers and clients, as well as intermediaries (e.g. proxies). (N.B. For reasons expressed later, I believe that the best way forward is an exchange format based on the transfer of profile URIs, rather than of the data itself, except for clients that may have to transmit a small built-in profile.)</p>
<p>The next step, as far as the W3C should be concerned, is actually dealing with CC/PP: implementing it. The most useful and most under-discussed application for it at the moment, as the W3C keeps telling us, is DTPP: Document Transformation Preference Profiling.</p>
<h3>Document Transformation Preference Profiling</h3>
<p>DTPP concerns the transformation of documents as they pass through a CC/PP system. For example, a document can be transformed by extension, restriction, replacement, or processing (e.g. XSLT).</p>
<p>As an example, you may have an XHTML 1.1 document with a profile in it. This profile could outline that the document may be pared down to XHTML Basic, transformed to another XHTML family document by XSLT, or replaced by a WML file. As yet there is no method for doing this, which is why I am hoping DTPP will be taken seriously in future.</p>
<p>What we mainly have to deal with is a new kind of method for specifying the different stages in the CC/PP chain, from source to output. Each of these stages will then have a different kind of CC/PP processing taking place. For example:</p>
<pre>
XHTML 1.1 GET (HTTP/1.1)   =&gt;   profile indicates &#8220;source&#8221; [1]
     /\                          \/  XSLT to XHTML Basic allowed  \/
     /\                                 Transformation [2]
Client requests XHTML Basic                                      \/
[4]  /\   &lt;=   &lt;=   [3] Output delivered back to client
</pre>
<p>In this case, the following statuses will apply:<br />
[1] Source document<br />
[2] Transformation (drivers and content)<br />
[3] Output<br />
[4] Cacheable output</p>
<p>This is only a very simple example. The fun comes when you have a lengthy profile that indicates multiple transformations are allowable.</p>
<p>DTPP, by adding the statuses, allows different processing to take place at different times in the CC/PP system.</p>
<h3>Profile Processing</h3>
<p>The main purpose of DTPP, when it is developed, will be to provide a means of processing profiles (possibly by XSLT), to provide the engine for transformability. The W3C always emphasizes that the CC/PP answer is needed for a rapidly emerging 3G world. The prospect of voice browsers and fridges receiving custom-delivered content is a very attractive one, and CC/PP needs the full backing of the general community.</p>
<p>Using profile statuses, the processor will know &#8220;what needs to be done next&#8221; in the chain of command. Using profile processing, this can then be carried out, passing the source document through a chain of transformations until it reaches the desired output status.</p>
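<p>A worked version of the status chain above, added here as an illustration rather than taken from the DTPP proposal or any CC/PP implementation: a Go program that models a document profile as the set of transformations the proposal lists (restriction, processing such as XSLT, replacement), searches for the shortest chain from the source format to one the client accepts, and labels each step with statuses [1] to [4]. The profile shape, the format names and the sample document are this example's own assumptions, not a CC/PP vocabulary. It also adds one check the proposal does not mention but any processor that follows the URI-based exchange preferred above will need: a guard on which profile URIs it is willing to fetch.</p>

```go
package main

import (
	"fmt"
	"net/url"
)

// Kind is one of the transformation classes the DTPP text names.
type Kind string

const (
	Restriction Kind = "restriction" // pare down, e.g. XHTML 1.1 to XHTML Basic
	Processing  Kind = "processing"  // e.g. XSLT to another XHTML family
	Replacement Kind = "replacement" // swap in another resource, e.g. a WML file
)

// Transformation is one step the document's profile permits (From -> To).
type Transformation struct {
	From, To string
	Kind     Kind
}

// DocumentProfile models the profile attached to a source document: its native
// format plus the transformations it allows (an assumed shape, not a CC/PP vocabulary).
type DocumentProfile struct {
	Source  string
	Allowed []Transformation
}

// Stage carries a DTPP status from the text: 1 source, 2 transformation, 3 output, 4 cacheable.
type Stage struct {
	Status int
	Note   string
}

// Plan walks from the document's source format to the first format the client accepts,
// using only transformations the profile allows (breadth-first, so the shortest chain
// wins). An unreachable client format is an error, never a silent fallback.
func Plan(doc DocumentProfile, clientAccepts []string, cacheable bool) ([]Stage, error) {
	type node struct {
		format string
		path   []Transformation
	}
	accepts := map[string]bool{}
	for _, a := range clientAccepts {
		accepts[a] = true
	}
	seen := map[string]bool{doc.Source: true}
	for queue := []node{{doc.Source, nil}}; len(queue) > 0; queue = queue[1:] {
		cur := queue[0]
		if accepts[cur.format] {
			return stages(doc.Source, cur.path, cacheable), nil
		}
		for _, t := range doc.Allowed {
			if t.From == cur.format && !seen[t.To] {
				seen[t.To] = true
				queue = append(queue, node{t.To, append(append([]Transformation{}, cur.path...), t)})
			}
		}
	}
	return nil, fmt.Errorf("no allowed chain from %q to any of %v", doc.Source, clientAccepts)
}

// stages labels the chosen chain with the DTPP statuses.
func stages(source string, path []Transformation, cacheable bool) []Stage {
	out, final := []Stage{{1, "source document: " + source}}, source
	for _, t := range path {
		out = append(out, Stage{2, fmt.Sprintf("%s: %s -> %s", t.Kind, t.From, t.To)})
		final = t.To
	}
	out = append(out, Stage{3, "output delivered to client: " + final})
	if cacheable {
		out = append(out, Stage{4, "cacheable output: " + final})
	}
	return out
}

// ProfileURIAllowed is the guard a processor needs once profiles travel as URIs:
// it must not dereference an arbitrary client-supplied URI, so only https to an
// operator-trusted host passes. This check is the example author's addition.
func ProfileURIAllowed(raw string, trustedHosts []string) bool {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "https" || u.User != nil {
		return false
	}
	for _, h := range trustedHosts {
		if u.Hostname() == h {
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample: the XHTML 1.1 document from the text; the client wants XHTML Basic.
	doc := DocumentProfile{Source: "XHTML 1.1", Allowed: []Transformation{
		{"XHTML 1.1", "XHTML Basic", Restriction}, {"XHTML 1.1", "WML", Replacement}}}
	chain, _ := Plan(doc, []string{"XHTML Basic"}, true)
	for _, s := range chain {
		fmt.Printf("[%d] %s\n", s.Status, s.Note)
	}
}
```

<p>Two points are worth noting. A client format that the document profile cannot reach is reported as an error rather than served something else, so a document whose profile omits replacement is never swapped for a WML file. And the URI guard rejects non-https schemes, userinfo and any host outside the operator's list, because a transformer that dereferences whatever profile URI a client names would otherwise fetch from wherever it is pointed.</p>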
<p>The primary objective for CC/PP should come from a standpoint of usability. The general public want to be able to write a single document and eventually have it &#8220;seeable&#8221; by any Internet user agent. This is a mighty task, but by attaching a preference profile to your document (be it WML2 or XHTML 1.0/1.1/2.0), you will be able to deliver what you want, where you want it.</p>
<h3>Conclusions</h3>
<p>I believe that DTPP should be considered as part of the Exchange Protocol for CC/PP, in that it offers the next step towards the processing of CC/PP.</p>
<p>Although DTPP is only a proposal, a system similar to it will at some point have to be investigated, so the system outlined above will hopefully provide a focusing point for the discussion, as well as furthering the progress of the Exchange Protocol work.</p>
<p>source : <a rel="nofollow" href="http://lists.w3.org/Archives/Public/www-ccpp-protocol/2000Sep/att-0002/01-ccpp-dtpp.html">http://lists.w3.org/Archives/Public/www-ccpp-protocol/2000Sep/att-0002/01-ccpp-dtpp.html</a></p>
]]></content:encoded>
			</item>
	</channel>
</rss>
