- From: Jonathan Rees <jar@creativecommons.org>
- Date: Tue, 22 Dec 2009 08:27:33 -0500
- To: Dan Connolly <connolly@w3.org>
- Cc: public-awwsw@w3.org
I'm not saying you've done anything amiss - hardly. I'm just saying that in case this discussion escapes to contexts involving anyone who knows about capabilities, the approach has to be marketed / positioned appropriately so as not to disgust and alienate them. I think this is possible without compromise.

Jonathan

On Mon, Dec 21, 2009 at 7:26 PM, Dan Connolly <connolly@w3.org> wrote:
> On Mon, 2009-12-21 at 18:17 -0500, Jonathan Rees wrote:
>> I'd be careful about getting anywhere near security with this stuff,
>> since it's inherently authority-based and if the checks are done at
>> the wrong time it will suffer along the lines of Tyler Close's "ACLs
>> don't" paper.
>
> Hmm... it's what the customer asked for; i.e. Larry asked me
> to look at origin while I was at it.
>
> I agree that the origin model is pretty whacko, but it's
> what's deployed.
>
>> I don't think that's what you have in mind, but I'd say
>> this stuff is best marketed as empirical and inherently non-secure,
>> not prescriptive.
>
> I'm not quite following you. The two examples I've written up
> are
>
> (1) showing the reasoning in a browser when it enforces
> the same-origin policy.
>
> (2) showing that relying on cookies for authorization is a lose.
>
> Certainly (2) isn't an endorsement of authority-based stuff.
>
> Perhaps (1) looks a little like it, but that's not the intent;
> the intent is just to talk about the policy. I expect that
> when I get beyond same-origin and into examples of CORS
> and UM, it'll turn out that CORS works like cookies.
>
> --
> Dan Connolly, W3C http://www.w3.org/People/Connolly/
> gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E
Received on Tuesday, 22 December 2009 13:28:11 UTC