[Bug 13698] New: Three minor comments

http://www.w3.org/Bugs/Public/show_bug.cgi?id=13698

           Summary: Three minor comments
           Product: HTML WG
           Version: unspecified
          Platform: Other
               URL: http://www.w3.org/mid/1312393604.16132.5.camel@maveric
                    k
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P3
         Component: HTML5 spec (editor: Ian Hickson)
        AssignedTo: ian@hixie.ch
        ReportedBy: mike+html-wg-mailbot@w3.org
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


public-html-comments posting from: Philippe De Ryck
<philippe.deryck@cs.kuleuven.be>
http://www.w3.org/mid/1312393604.16132.5.camel@maverick

The following comment contains detailed information about a few issues
that were identified during a recent security analysis of 13 W3C
standards, organized by ENISA (European Network and Information Security
Agency), and performed by the DistriNet Research Group (K.U. Leuven,
Belgium).

The complete report is available at http://www.enisa.europa.eu/html5
(*), and contains information about the process, the discovered
vulnerabilities and recommendations towards improving overall security
in the studied specifications.

 Issues
--------

HTML5EL-SECURE-2.Menu Integration: A web application can define
contextual and toolbar menus. The specification does not mention many
implementation details. A user agent may implement integrate these menus
with its own user interface, especially on small displays such as
smartphones. This may confuse a user and may present malicious or
erroneous menu items.

HTML5EL-SECURE-3.Keygen Scenarios: The specification does not provide
enough details about the keygen element. No concrete usage scenarios
(from keygen to actual use of the key) or implementation requirements
(e.g. storage of private keys) are provided. 

HTML5EL-USER-1.Overriding Sandbox: Sandboxed content is not allowed to
load plugin content. The specification of the embed element however
states that a user agent may allow the user to override this for a
specific content item, but the user agent should warn the user that this
could be dangerous. The override option is only briefly mentioned as
part of the description of the embed element, but is also an important
aspect of the sandbox attribute. The spec should either mention this
with the sandbox attribute or refer to the embed element.


(*) HTML version of the report is available as well:
https://distrinet.cs.kuleuven.be/projects/HTML5-security/
-- 
Philippe De Ryck
K.U.Leuven, Dept. of Computer Science


Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Received on Saturday, 6 August 2011 10:47:54 UTC