Link W3c Q2: Exactly what security risks are we talking about?
There are basically three overlapping types of risk:
- Bugs or misconfiguration problems in the Web server that allow unauthorized remote users to:
- Steal confidential documents not intended for their eyes.
- Execute commands on the server host machine, allowing them to modify the system.
- Gain information about the Web server’s host machine that will allow them to break into the system.
- Launch denial-of-service attacks, rendering the machine temporarily unusable.
- Browser-side risks, including:
- Active content that crashes the browser, damages the user’s system, breaches the user’s privacy, or merely creates an annoyance.
- The misuse of personal information knowingly or unkowingly provided by the end-user.
- Interception of network data sent from browser to server or vice versa via network eavesdropping. Eavesdroppers can operate from any point on the pathway between browser and server including:
- The network on the browser’s side of the connection.
- The network on the server’s side of the connection (including intranets).
- The end-user’s Internet service provider (ISP).
- The server’s ISP.
- Either ISPs’ regional access provider.
It’s important to realize that “secure” browsers and servers are only designed to protect confidential information against network eavesdropping. Without system security on both browser and server sides, confidential documents are vulnerable to interception.
Protecting against network eavesdropping and system security are the subject of sections 1 to 5 of this document. Client-side security is covered in sections 6 and 7. Section 8 deals with security alerts for specific Web servers.