From f41b0c27e07563c6ab84deb3e0efda5216416729 Mon Sep 17 00:00:00 2001 From: Jesse Wright <63333554+jeswr@users.noreply.github.com> Date: Sun, 26 Apr 2026 18:03:58 +0100 Subject: [PATCH 1/3] Add Privacy and Security Considerations section MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds §8 with one subsection (Impact of not enforcing Protected Properties) covering the consequences when a server does not enforce the Protected Properties requirement: the WebID owner's solid:oidcIssuer can be rewritten by an agent with write access to the WebID Document, opening the way to impersonation. Also adds the matching TOC entry. Raised in response to discussion on solid/specification#776, where the underlying gap was first noted. --- index.html | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/index.html b/index.html index 77b3a39..d0b2be8 100644 --- a/index.html +++ b/index.html @@ -781,6 +781,12 @@

Table of Contents

Other predicates +
  • + 8. + Privacy and Security Considerations +
  • A. Changelog
    • @@ -1295,6 +1301,25 @@

    7. Other predicates +
    +

    8. Privacy and Security Considerations

    +
    +

    This section is non-normative.

    + +
    +

    Impact of not enforcing Protected Properties

    +
    +

    The Protected Properties requirement is intended to prevent agents other than the WebID owner from modifying specific properties, notably solid:oidcIssuer. When a Solid server does not enforce these protections, the WebID Profile is open to attack:

    +
      +
    • An agent with write access to the WebID Document can rewrite solid:oidcIssuer, redirecting Solid-OIDC authentication to an attacker-controlled OpenID Provider and impersonating the WebID owner.
      • +
    • Other Protected Properties may be similarly tampered with by an agent granted write access, depending on which properties a particular server fails to protect.
      • +
    +

    Implementations of Solid WebID Profile clients should not assume that a hosted WebID Document's Protected Properties have been preserved as the WebID owner intended; clients reading these properties should weigh the trust they place in the hosting server.

    +
    +
    +
    +
    +

    A. Changelog

    From 4c960d586433d48195b7c167f22d7d20cd6af8d8 Mon Sep 17 00:00:00 2001 From: Jesse Wright <63333554+jeswr@users.noreply.github.com> Date: Sun, 26 Apr 2026 18:09:05 +0100 Subject: [PATCH 2/3] =?UTF-8?q?Number=20=C2=A78.1=20explicitly=20and=20add?= =?UTF-8?q?=20to=20TOC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Match the rest of the document's pattern: subsection h3 carries an explicit 8.1, and the TOC nests the subsection entry under §8. --- index.html | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index d0b2be8..b9de555 100644 --- a/index.html +++ b/index.html @@ -786,6 +786,14 @@

    Table of Contents

    >8. Privacy and Security Considerations +
      +
    1. + 8.1 + Impact of not enforcing Protected Properties +
      2. +
  • A. Changelog @@ -1306,8 +1314,8 @@

    8. Privacy and Securit

    This section is non-normative.

    -
    -

    Impact of not enforcing Protected Properties

    +
    +

    8.1 Impact of not enforcing Protected Properties

    The Protected Properties requirement is intended to prevent agents other than the WebID owner from modifying specific properties, notably solid:oidcIssuer. When a Solid server does not enforce these protections, the WebID Profile is open to attack:

      From 4edc53471decc48b3770e355fabda92dcb67b7d9 Mon Sep 17 00:00:00 2001 From: Jesse Wright <63333554+jeswr@users.noreply.github.com> Date: Sun, 26 Apr 2026 18:20:56 +0100 Subject: [PATCH 3/3] =?UTF-8?q?Drop=20trailing=20'should=20not=20assume'?= =?UTF-8?q?=20paragraph=20from=20=C2=A78.1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The two bullets above already convey the impact; the trailing client-trust advisory adds nothing not derivable from them. --- index.html | 1 - 1 file changed, 1 deletion(-) diff --git a/index.html b/index.html index b9de555..3c957fd 100644 --- a/index.html +++ b/index.html @@ -1322,7 +1322,6 @@

      8.1 Impact of not enfo
    • An agent with write access to the WebID Document can rewrite solid:oidcIssuer, redirecting Solid-OIDC authentication to an attacker-controlled OpenID Provider and impersonating the WebID owner.
    • Other Protected Properties may be similarly tampered with by an agent granted write access, depending on which properties a particular server fails to protect.

    -

    Implementations of Solid WebID Profile clients should not assume that a hosted WebID Document's Protected Properties have been preserved as the WebID owner intended; clients reading these properties should weigh the trust they place in the hosting server.