- From: Philippe De Ryck <philippe.deryck@cs.kuleuven.be>
- Date: Wed, 03 Aug 2011 19:45:02 +0200
- To: public-geolocation@w3.org
The following comment contains detailed information about a few issues that were identified during a recent security analysis of 13 W3C standards, organized by ENISA (European Network and Information Security Agency), and performed by the DistriNet Research Group (K.U. Leuven, Belgium). The complete report is available at http://www.enisa.europa.eu/html5 (*), and contains information about the process, the discovered vulnerabilities and recommendations towards improving overall security in the studied specifications. Issues -------- GEOLOC-SECURE-1.Monitoring Lifetime: The specification discusses a way to launch a background monitoring process, that invokes a callback handler if the location has changed. It does not explicitly specify the lifetime of a watchPosition process, except when it is cancelled by the caller. Such a process should terminate when the associated document no longer exists. GEOLOC-USER-1.Permission Nature: The specification imposes a requirement on the permission UI, stating that the origin of the document must be shown. However, it does not impose that the nature of the permission (one-shot or monitoring) must be made clear. The difference between permission for a one-shot location retrieval or launching a monitoring process is quite important. Additionally, stored one-shot permissions are very similar to a monitoring process! (*) HTML version of the report is available as well: https://distrinet.cs.kuleuven.be/projects/HTML5-security/ -- Philippe De Ryck K.U.Leuven, Dept. of Computer Science Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
Received on Wednesday, 3 August 2011 17:45:41 UTC