- From: Jeffrey Yasskin <notifications@github.com>
- Date: Sat, 23 Mar 2019 19:20:03 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/354@github.com>
I'm requesting TAG input on some design questions we discussed at the [2019-02 Tokyo meeting](https://github.com/w3ctag/meetings/blob/gh-pages/2019/02-tokyo/02-06-minutes.md#signed-exchanges-and-bundling). https://github.com/w3ctag/design-reviews/issues/235 is already closed, so I'm filing a new issue. - Name: Signed Exchanges - Specification URL: https://wicg.github.io/webpackage/loading.html and https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html - Explainer, Requirements Doc, or Example code: https://github.com/WICG/webpackage/ - Tests: https://github.com/web-platform-tests/wpt/tree/master/signed-exchange - Primary contacts: @jyasskin, @nyaxt Questions: 1. Do you have ideas to help ensure that web servers don't sign personalized content, which can allow [various attacks](https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html#seccons-over-signing)? 1. Does it make sense/help things to require that a signed exchange is fetched with [`credentials`](https://fetch.spec.whatwg.org/#concept-request-credentials-mode)=`"omit"`? This requires at least a new attribute on `<a>` tags to set its credentials mode and Fetch infrastructure to handle that on navigations. 1. How would you trade off the extra security of [validating content in real time](https://github.com/WICG/webpackage/issues/376) vs the surveillance that allows? 1. Similarly, do you have ideas on how best to notify a publisher that their certificate has signed such-and-such exchange, without revealing private information about who's reading the content? https://github.com/WICG/webpackage/issues/376 could handle this ... by revealing that private information. We'd prefer the TAG provide feedback as (please select one): - [ ] open issues in our Github repo for each point of feedback - [ ] open a single issue in our Github repo for the entire review - [x] leave review feedback as a comment in this issue and @-notify [github usernames] -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/354
Received on Sunday, 24 March 2019 02:20:24 UTC