Re: [whatwg/fetch] From-Origin (#687)

> For completeness, addressing these kinds of issues was part of the motivation for EPR and Isolate-Me, as well as for same-site cookies. But these proposals are fairly heavy-weight to implement and adopt, and there is value in having a simpler mechanism to tackle the classes of issues mentioned above.

Thanks @arturjanc for mentioning these.

For this discussion, it may actually be useful to read some of the earlier research we did in that space:
**"App Isolation: Get the Security of Multiple Browsers with Just One" (CCS 2011)**
https://research.google.com/pubs/pub37198.html

That paper had some similarities to the approaches we're considering here: it was an opt-in way for sites to try to protect themselves from attacks, it involved process isolation (as well as state isolation for things like cookies and localStorage), and it was an attempt to get some of the benefits of [Site Isolation](https://www.chromium.org/developers/design-documents/site-isolation) (e.g., protection from compromised renderer processes) without needing out-of-process iframes.

We wouldn't need everything the paper proposes for Spectre defense (e.g., entry-point restrictions or maybe even the isolation of persistent state), but it might give some useful ways to think about how some web sites could request process isolation, and what the tradeoffs are.

https://github.com/whatwg/fetch/issues/687#issuecomment-381292508

Received on Saturday, 14 April 2018 01:02:12 UTC