Re: Security and Privacy Considerations from Marta Piekarska on 2016-07-08 (public-payments-wg@w3.org from July 2016)

From: Marta Piekarska <marta@blockstream.io>
Date: Fri, 8 Jul 2016 08:11:02 -0500
To: Manu Sporny <msporny@digitalbazaar.com>
Message-Id: <A37A0D9C-903C-4856-9BC0-2D7042D32213@blockstream.com>

Two quick additions-
* Denial of service
* Code injection
Have a good day, hope London is amazing
m


--
Security Architect @ Blockstream

mp@blockstream.com

+491703311307 (Germany)
+14159608938 (U.S)
Signal, Wickr (martap).

Sent from a mobile device, please excuse typos.

> On Jul 8, 2016, at 8:42 AM, Manu Sporny <msporny@digitalbazaar.com> wrote:
> 
> Hi all,
> 
> I've started documenting potential security and privacy attacks against
> the Web Payments API here:
> 
> https://github.com/w3c/webpayments/wiki/Security-and-Privacy-Considerations
> 
> It contains a number of attacks that I could think off just off of the
> top of my head this morning. I'll try to add more attacks as I have
> time. Clearly we'll need multiple thorough security reviews by experts
> and the hope is that this page can prime their thinking wrt. the types
> of attacks that the system we're building is susceptible to.
> 
> -- manu
>

Received on Friday, 8 July 2016 13:11:07 UTC