W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2008

Widget Requirements: Updates vs security

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 7 Aug 2008 02:43:32 +0200
To: public-webapps@w3.org
Message-ID: <20080807004332.GH4194@iCoaster.does-not-exist.org>

While I'm on it...  I believe that we should add the following
points to the automatic update requirement:

 - Conforming specifications should ensure that updates are
   authenticated.
   
 - Conforming specifications should provide a mechanism to protect
   against downgrade attacks using ancient versions of widgets.

   (Essentially, version information should be part of the Widget,
   signed, and evaluated upon updates.)

 - Conforming specifications should apply signature verification
   policies to updates that are consistent with those applied upon
   original installation of the widget.
   
I'm also wondering whether there is something to be said in the
requirements document concerning the handling of possibly changing
security declarations during updates.

Regards,
-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Thursday, 7 August 2008 00:44:09 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:27 GMT