- From: Larry Masinter <masinter@adobe.com>
- Date: Fri, 22 May 2009 10:13:35 -0700
- To: Arve Bersvendsen <arveb@opera.com>, "marcosc@opera.com" <marcosc@opera.com>, public-pkg-uri-scheme <public-pkg-uri-scheme@w3.org>, public-webapps <public-webapps@w3.org>
What makes a set of widgets "related"? Is there an attack where based on UUID knowledge where two unrelated widgets could somehow appear "related"? What "existing infrastructure for security" are you planning to reuse? Often, security loopholes are introduced when reusing security infrastructure designed for one context in a way that it wasn't designed for. "thismessage:/" basically didn't allow references outside the package at all. By adding a UUID and alluding to "related" packages as possibly being available, "widget" might become a vector. I'm not saying it is, I'm just saying that getting external review for security mechanisms and assumptions is critical. Larry -- http://larry.masinter.net -----Original Message----- From: Arve Bersvendsen [mailto:arveb@opera.com] Sent: Friday, May 22, 2009 9:55 AM To: Larry Masinter; marcosc@opera.com; public-pkg-uri-scheme; public-webapps Subject: Re: [widgets] Widgets URI scheme... it's baaaack! On Fri, 22 May 2009 17:29:57 +0200, Larry Masinter <masinter@adobe.com> wrote: > If the widget: scheme is intended for inter-package references > then there are security issues with that. If not, then why the UUID? At the time of writing, I do not see them being used for inter-package references (If my understanding equals yours here, as in "references between otherwise unrelated widgets". The UUID? Well, it actually eases implementations a bit, since an implementation can use the UUID as "domain" when requests are made, which actually allows vendors to reuse existing infrastructure for security checks and so on. -- Arve Bersvendsen Opera Software ASA, http://www.opera.com/
Received on Friday, 22 May 2009 17:14:28 UTC