W3C home > Mailing lists > Public > public-html@w3.org > August 2007

Re: [HDP] Secure by design

From: Robert Burns <rob@robburns.com>
Date: Thu, 23 Aug 2007 04:35:38 -0500
Message-Id: <1A53E4EA-E9E6-450E-859E-7C2136575CB3@robburns.com>
Cc: joshue.oconnor@cfit.ie, public-html <public-html@w3.org>
To: Lachlan Hunt <lachlan.hunt@lachy.id.au>

Hi Lachlan,

On Aug 23, 2007, at 4:13 AM, Lachlan Hunt wrote:

> Joshue O Connor wrote:
>> Robert Burns wrote:
>>>> I will say that DRM, as hated as it is, is still very much the same
>>>> security we're talking about here. Although security is a part of
>>>> denying access (as the DRM case drives home), we should still  
>>>> seek to
>>>> ensure security even if we know it might be misused (as DRM so  
>>>> often is).
>> I also think DRM is a useful example, although Lachlan disagrees.  
>> It is
>> a slightly different domain but only slightly to what we are  
>> discussing
>> as it does deal with providing security to content delivered over
>> HTTP/FTP protocols - but IMO it is not an entirely inappropriate  
>> model
>> to reference.
> DRM is designed to restrict the user's access to content in order  
> to protect the intellectual property of the content producer.  The  
> security that the Secure By Design principle is referring to is  
> about protecting the user and their system from hostile content  
> producers.  For example, preventing cross-domain scripting attacks,  
> restricting access to a users file system, etc.  Any feature  
> designed to impair, rather than protect, the user (like DRM) is not  
> relevant.

If that's the distinction the "Secure by Design" principle is making,  
it is not at all clear from the text. If that's is the case, then the  
captcha example wouldn't apply either. If this is only about user  
security (and not author or content provider security) we should make  
that clearer.

Take care,
Received on Thursday, 23 August 2007 09:35:52 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:15:25 UTC