- From: Dan Connolly <connolly@w3.org>
- Date: Mon, 21 Dec 2009 18:26:04 -0600
- To: Jonathan Rees <jar@creativecommons.org>
- Cc: public-awwsw@w3.org

On Mon, 2009-12-21 at 18:17 -0500, Jonathan Rees wrote:
> I'd be careful about getting anywhere near security with this stuff,
> since it's inherently authority-based and if the checks are done at
> the wrong time it will suffer along the lines of Tyler Close's "ACLs
> don't" paper.

Hmm... it's what the customer asked for; i.e. Larry asked me to look at origin while I was at it. I agree that the origin model is pretty whacko, but it's what's deployed.

> I don't think that's what you have in mind, but I'd say
> this stuff is best marketed as empirical and inherently non-secure,
> not prescriptive.

I'm not quite following you. The two examples I've written up are

(1) showing the reasoning in a browser when it enforces the same-origin policy.
(2) showing that relying on cookies for authorization is a lose.

Certainly (2) isn't an endorsement of authority-based stuff. Perhaps (1) looks a little like it, but that's not the intent; the intent is just to talk about the policy.

I expect that when I get beyond same-origin and into examples of CORS and UM, it'll turn out that CORS works like cookies.

--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E

Received on Tuesday, 22 December 2009 00:26:09 UTC