- From: <bugzilla@jessica.w3.org>
- Date: Fri, 12 Dec 2014 13:05:08 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27269 --- Comment #5 from Henri Sivonen <hsivonen@hsivonen.fi> --- (In reply to David Dorwin from comment #4) > While using a combination of origins may address the concern, there are > potential problems: > 1. Other storage mechanisms (cookies, etc.) are not unique per combination. Well, cookies are so broken that they aren't even clamped to an origin! Still, the Web Platform has been able to introduce other things that have origin-based security. > * Introducing this new type of separation for this single purpose may be > problematic. Chances are that it's a bug that this kind of separation isn't being used for other things, too. Quoting Mike Perry from https://groups.google.com/d/msg/mozilla.dev.privacy/3jA9zt1pXVo/tD0buhEMfMEJ : > For the record, in Tor Browser we are also trying to demonstrate that it > is possible to provide the same third party tracking protections as "Do > Not Track" through technology, rather than policy. > > In other words, we have jailed/double-keyed/disabled third party > cookies, cache, DOM storage, HTTP Auth, and TLS Session state to the URL > bar domain, to eliminate third party tracking across different url bar > sites. (Back to quoting David Dorwin:) > For example: > i. Communicating this to the user could be difficult. My recollection is that I've even seen a UI design *for Chrome* for a scoped permission (for geolocation) like this in a paper co-authored by Adrienne Porter Felt, but now I can't find such a paper. > ii. User agent implementations may not support storage by such > combinations. Well, a priori, UAs don't support CDM interfaces, either. Code needs to be written to support new things. > 2. All CDM storage must be similarly separated. > * This is more complex than just salting an identifier. > * See also #1. > * See also #incomplete-clearing in the spec. You store a salt per top-level + EME-calling origin pair. Then you give a CDM storage partition for each salt. > 3. Appearing as a different user/device to the EME-using origin may have > undesirable results for the user. Do you have examples? -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Friday, 12 December 2014 13:05:17 UTC