Re: [sysapps/runtime] cross origin XHR in packaged apps

On 08/04/13 14:08, John Lyle wrote:

> Making a request to the "originCheck" URL could just result in a
> response containing the set of application IDs or application hashes
> that are permitted.  The user agent can then work out whether
> communication to this origin should be allowed.  The user agent is
> trusted, after all.  I don't see that performing computation on the
> input query necessarily helps - if you want anti-replay properties,
> or timeliness, surely it would be better to use transport security?
> Is there a specific attack you are considering?

For TLS, the server is required to provide a certificate if I recall 
correctly. Certificates are often out of date and sometimes self-signed.
If a bona fide certificate is not available, this opens the door to
man-in-the-middle attacks. A computation at install time can at least verify
that the server the manifest claims as the originator believes that the 
package hasn't been modified and can be used with that origin. Let's 
talk further tomorrow in Madrid.

Best,
-- 
Dave Raggett <dsr@w3.org> http://www.w3.org/People/Raggett

Received on Monday, 8 April 2013 15:33:32 UTC