Re: [filter-effects] Updated security model

Hi Dirk,

The spec is not too clear about why those primitives in particular taint
the filter chain. I'm probably showing my CSS ignorance here, but how do
feFlood, feDropShadow and fe*Lighting cause tainting?

Under the "Timing Attacks" section, we also might want to call out the
visited link issue as another example of a timing attack, since it's fairly
well-known.

Stephen


On Fri, Sep 27, 2013 at 1:46 AM, Dirk Schulze <dschulze@adobe.com> wrote:

> Hi,
>
> I updated the security model for Filter Effects [1]. Furthermore, I
> removed several descriptions of optimizations that potentially do not
> follow the security model.
>
> I would like to ask for an initial review of the new written section.
>
> Greetings,
> Dirk
>
> [1] http://dev.w3.org/fxtf/filters/#security
>

Received on Wednesday, 30 October 2013 21:45:05 UTC