Re: subresource integrity (was Re: PING call)

>For example, cross-origin data leakage is one of the considerations there.

OK, I got it. If there is data leakage, it will also cause privacy issues.

Maybe we can change the sentence a little bit to reflect this:

5.3 Cross-origin data leakage
Attackers can determine whether some cross-origin resource has certain
content by attempting to load it with a known digest, and watching for load
failures. If the load fails, the attacker can surmise that the resource
didn’t match the hash, and thereby gain some insight into its contents. This
might reveal user privacy, for example, whether or not a user is logged into
a particular service.

Thanks,

Kind Regards

Kepeng Li
Alibaba Group

发件人:  Nicholas Doty <npdoty@ischool.berkeley.edu>
日期:  Tuesday, 19 May, 2015 9:40 am
至:  Li Kepeng <kepeng.lkp@alibaba-inc.com>
抄送:  "public-privacy (W3C mailing list)" <public-privacy@w3.org>
主题:  subresource integrity (was Re: PING call)

On May 18, 2015, at 5:20 AM, Kepeng Li <kepeng.lkp@alibaba-inc.com> wrote:
> 
>> 2. Privacy review request from Web Applications Security WG concerning
>> Subresource Integrity [1]
> 
> It seems that there are no privacy considerations in this document.
> 
> Should we add something?

There is a Security Considerations section that is likely relevant to the
things we typically review:

http://w3c.github.io/webappsec/specs/subresourceintegrity/#security-consider
ations-1

For example, cross-origin data leakage is one of the considerations there. I
wonder if authors should typically write these as "Security and Privacy
Considerations" since they so often overlap.

npd

Received on Tuesday, 19 May 2015 04:11:33 UTC