- From: Mike West <notifications@github.com>
- Date: Wed, 05 Feb 2020 05:34:50 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/471@github.com>
Hello TAG! I'm requesting a TAG review of [Secur<em>er</em> Contexts](https://github.com/mikewest/securer-contexts/). [Secure Context's threat model](https://w3c.github.io/webappsec-secure-contexts/#threat-models) encompasses the transport layer. This proposal would extend it to include attackers with the ability to inject code into a victim's document (by tricking either the server or client-side code), and attackers who seek to include a victim's resources into a context where they may be vulnerable to side-channel attacks. This extension of the threat model would allow us to likewise extend the `[SecureContext]` IDL attribute use the same language we use for HTTPS restrictions today (namely the `[SecureContext]` IDL attribute) to express new requirements for new mitigations. - Explainer: https://github.com/mikewest/securer-contexts/ - Security and Privacy self-review: This is not a new feature in the typical sense, but a discussion of the ways in which I'd like us to collectively be able to restrict new (and existing!) features. I think it would feed into the self-review process, as opposed to being directly subject to it (but I'm happy to fill out the questionnaire if y'all disagree about its relevance). - Primary contacts (and their relationship to the specification): - Mike West (@mikewest, Google) - Organization/project driving the design: Moi. - External status/issue trackers for this feature (publicly visible, e.g. Chrome Status): None yet. This seems solidly architectural in nature, so I came to y'all first. I intend to send it to WebAppSec (and Twitter, I suppose) directly after filing this bug. Further details: - [X] I am passingly familiar with the TAG's [API Design Principles](https://w3ctag.github.io/design-principles/), and in particular its [discussion of Secure Contexts in Section 2.10](https://w3ctag.github.io/design-principles/#secure-context). - The group where the work on this design is being done (or is intended to be done in the future): WICG -> WebAppSec + IDL - Existing major pieces of multi-stakeholder review or discussion of this design: None. - Major unresolved issues with or opposition to this design: None. - This work is being funded by: Google, via my paychecks. You should also know that the TAG was the venue in which Secure Contexts began (hello, @diracdeltas!). We'd prefer the TAG provide feedback as (please delete all but the desired option) review feedback as a **comment in this issue**, @-notifying @mikewest. :heart: -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/471
Received on Wednesday, 5 February 2020 13:34:54 UTC