On Fri, Sep 25, 2015 at 12:25 PM, Kis, Zoltan <zoltan.kis@intel.com> wrote:
>
>
> On Fri, Sep 25, 2015 at 9:43 PM, Jeffrey Yasskin <jyasskin@google.com>
> wrote:
>
>> On Fri, Sep 25, 2015 at 11:35 AM, Kis, Zoltan <zoltan.kis@intel.com>
>> wrote:
>>
>>>
>>> If the browser can restrict writes to own-origin tags, then pages can't
>>> rewrite a tag with different origin information.
>>>
>>> And how would the browser write the tag the first time?
>>> Do we require that 1. we only write an empty or "same-origin" tag?
>>> Or could a page 2. write a "cross-origin" or "no-origin" tag against a
>>> user prompt (powerful feature)?
>>>
>>
>> Writing the initial tag content might not work from the web API; maybe
>> you need the manufacturer to initialize it with a trusted origin. Even
>> allowing writes to empty tags diverges from the same-origin policy, and
>> needs buy-in from the security folks.
>>
>>
> At least we can start with this, and mention in a note (or actually the
> Security doc) what some other possible policies are.
> I will make the necessary changes in the spec and the Security document.
> Will keep PR #56 open for this (and will change the title).
> Perhaps we should also update #3 based on this discussion.
>
Re #56, it'd be good to merge the grammatical and phrasing fixes in a
separate PR from the semantics changes around removing the notion of
trusted integrity content. That'll help reviewers focus on the right part.
Jeffrey