- From: David Burns <dburns@mozilla.com>
- Date: Mon, 28 Oct 2013 10:32:40 +0000
- To: Tobie Langel <tobie@w3.org>, public-browser-tools-testing@w3.org
Tobie, I am happy to have a non-normative section in the spec on how to deal with these scenarios but they are going to be extremely fluffy. A lot of the security concerns are the same as how you would secure a browser on a mobile phone that has remote debugging. Please can you raise a bug agains the spec setting it as a blocker against bug 20860. David On 28/10/2013 09:13, Tobie Langel wrote: > Hi folks, > > I've been evangelizing WebDriver for W3C's user agent testing effort. The biggest concern I've heard so far is around security. The TV industry in particular is worried this could be used to subvert a user's TV set. > > It would be extremely useful to either have a (non-normative) section on security within the spec, describing the potential security risks (including social engineering) and mitigation strategies, or have such a document hosted elsewhere to which I could point to when security is brought up as a concern. > > Case studies on how the security concerns have been resolved in shipping implementations would also be tremendously useful. > > Let me know if there's anything I could help with here. > > Best, > > --tobie > > > >
Received on Monday, 28 October 2013 10:33:04 UTC