
Re: What is a secure page?

From: Yngve Nysaeter Pettersen <yngve@opera.com>
Date: Tue, 30 Jan 2007 16:48:34 +0100
To: "Hal Lockhart" <hlockhar@bea.com>, "George Staikos" <staikos@kde.org>, "W3 Work Group" <public-wsc-wg@w3.org>
Message-ID: <op.tmy4u8mxvqd7e2@killashandra-ii.oslo.opera.com>

On Tue, 30 Jan 2007 16:31:17 +0100, Hal Lockhart <hlockhar@bea.com> wrote:

>
> I can think of a clarification and two more cases to think about.
>
> First, when you say all the content on a page is protected, does that
> imply it is all from the same site? (same in the sense of the XSS rules,
> e.g. *.example.com)

If "protected" means "served by TLS" with authentication and encryption,
I'd say that as long as all elements are served in such a manner the
content of the page is protected. (One might argue about authentication-only
ciphers, but those do not protect the data against eavesdropping,
only modification.)

As I've mentioned earlier, there are a couple of corner cases, such as
initial unsecure-to-secure redirects, where one would have to consider
whether or not the resulting page can be considered secure.

> Second, what about pages with frames? Presumably all the frames are
> considered a page, but I believe frames can be updated individually.
> What happens if one frame goes insecure?
>
> Similar questions apply to an Ajax application. What happens if an
> update is not secure?

IMO, as soon as a frame, script, applet etc. requests data over an  
unsecure connection, the security level should be set to "not secure".  
That is the way Opera works.

An application usually has no way to tell how sensitive a resource is
(for example: is it "just" a spacer image, or is it a graph that could  
possibly leak information about what a high profile investor would be  
investing in next?). As should be apparent, I lean in the direction that  
mixing secure and unsecure content should not be permitted (we do at the  
moment due to interoperability concerns, but I'd rather not).


>> -----Original Message-----
>> From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
>> On Behalf Of George Staikos
>> Sent: Sunday, January 21, 2007 10:24 PM
>> To: W3 Work Group
>> Subject: Re: What is a secure page?
>>
>>
>>
>> Hmm does that mean that the location/url bar is going into the tab
>> too? :-)
>>
>> On 17-Jan-07, at 9:35 AM, Stuart E. Schechter wrote:
>>
>> >
>> >>>    The Firefox 2 tabs contain a window close button that used to be part of
>> >>> the window frame.  Presumably they were moved here because users didn't
>> >>> understand, or weren't comfortable with, the model in which a close icon for
>> >>> the window closed a tab.
>> >>
>> >> So that sounds like data that could be used to argue the scoping is
>> >> effective.
>> >>
>> >>         Mez
>> >
>> >    I don't understand the logic there.  Firefox 2 is moving away from the
>> > model in which users are presumed to understand that all browser buttons
>> > within a window apply to the current tab.  They are moving to a model in
>> > which you have to explicitly show the user that the button applies to the
>> > tab by putting it into the tab itself.  How would you argue that this change
>> > supports the effectiveness of the scoping?
>> >
>> >
>> >
>>
>> --
>> George Staikos
>> KDE Developer				http://www.kde.org/
>> Staikos Computing Services Inc.		http://www.staikos.net/
>>
>>
>>
>
>



-- 
Sincerely,
Yngve N. Pettersen

********************************************************************
Senior Developer		             Email: yngve@opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01
********************************************************************
Received on Tuesday, 30 January 2007 15:52:02 UTC
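
The policy described in the message above, sketched as an added example that is not part of the original post and is not Opera's code: a page counts as secure only while every load used TLS with both authentication and encryption, and any frame, script or Ajax load that fails this sets the level to "not secure". The class, the event shape, the sticky downgrade and the strict handling of unsecure-to-secure redirects are assumptions made for illustration; the hosts and loads are constructed.

```javascript
// Added illustration: all names and the load-event shape are hypothetical.
const SECURE = "secure", NOT_SECURE = "not secure";

// A load is protected only if every hop used TLS with authentication AND
// encryption; an authentication-only cipher suite fails the check.
// strictRedirects (assumption) also counts the hops before the final URL.
function isProtectedLoad(load, { strictRedirects = true } = {}) {
  const hops = strictRedirects ? load.chain : load.chain.slice(-1);
  return hops.every(hop =>
    new URL(hop.url).protocol === "https:" &&
    hop.authenticated === true && hop.encrypted === true);
}

class PageSecurityState {
  constructor(options = {}) {
    this.options = options;
    this.level = null;   // unknown until the top-level document is recorded
    this.reasons = [];   // which loads caused the downgrade
  }
  // Call for the document and for every later frame, script, applet or
  // Ajax load. Assumption: a downgrade lasts for the lifetime of the page.
  record(load) {
    if (!isProtectedLoad(load, this.options)) {
      this.level = NOT_SECURE;
      this.reasons.push(`${load.kind}: ${load.chain.map(h => h.url).join(" -> ")}`);
    } else if (this.level === null) {
      this.level = SECURE;
    }
    return this.level;
  }
}

// Constructed sample hops and loads.
const tls = url => ({ url, authenticated: true, encrypted: true });
const plain = url => ({ url, authenticated: false, encrypted: false });

function demo() {
  const page = new PageSecurityState();
  const trace = [
    page.record({ kind: "document", chain: [tls("https://bank.example/")] }),
    // Cross-site but TLS-protected frame: still secure under this definition.
    page.record({ kind: "frame", chain: [tls("https://cdn.example/f.html")] }),
    // One Ajax update over plain HTTP downgrades the whole page.
    page.record({ kind: "xhr", chain: [plain("http://bank.example/quote")] }),
    page.record({ kind: "script", chain: [tls("https://bank.example/a.js")] }),
  ];
  return { trace, reasons: page.reasons };
}
```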
