[WebDriver] Implementation security issues

Hi folks, 

I've been evangelizing WebDriver for W3C's user agent testing effort. The biggest concern I've heard so far is around security. The TV industry in particular is worried this could be used to subvert a user's TV set.

It would be extremely useful to either have a (non-normative) section on security within the spec, describing the potential security risks (including social engineering) and mitigation strategies, or have such a document hosted elsewhere to which I could point to when security is brought up as a concern.

Case studies on how the security concerns have been resolved in shipping implementations would also be tremendously useful.

Let me know if there's anything I could help with here.



Received on Monday, 28 October 2013 09:11:59 UTC