- From: Stephen Jolly <stephen.jolly@rd.bbc.co.uk>
- Date: Wed, 07 Oct 2009 11:52:07 +0100
- To: public-webapps WG <public-webapps@w3.org>
- CC: Phil Archer <phila@w3.org>, Scott Wilson <scott.bradley.wilson@gmail.com>, Dominique Hazael-Massieux <dom@w3.org>, Marcin Hanclik <Marcin.Hanclik@access-company.com>
Phil Archer wrote:
> The problem is finding the right amount of flexibility without making it
> too complicated or opening unwanted security holes.
...
> It depends on your use cases of course.

I guess the reason I've joined this discussion is that I'm concerned that most of the schemes out there (including the one proposed for WARP) don't allow the local network to be defined as a security domain, which precludes use cases I care about.

The Opera widget security model has the concept of "private" addresses (the RFC 1918 and 3927 ranges) - I presume that this group made the conscious decision not to include this concept in the WARP model?

Personally, I'm not sure even the Opera model[1] (which talks about these "private" addresses in the context of intranets) is as flexible as one might like: you could make a good case that 127.0.0.0/8 and the UA device's own IP address(es) masked by the appropriate subnet masks should be added to that list.

It does all come down to the use cases though, and I guess my fundamental question is still whether or not widget access to resources on the local network is seen as important by this group. Answers welcome. :-)

S

[1] http://dev.opera.com/articles/view/opera-widgets-security-model/
Received on Wednesday, 7 October 2009 10:53:00 UTC
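The message contrasts two definitions of a "local network" security domain: the Opera set (RFC 1918 and RFC 3927 ranges) and a wider set that also takes in 127.0.0.0/8 and the UA device's own subnets. The following is an added illustration of that classification, not code from the email, the Opera model or WARP; the label names, the two policy sets and the `device_interfaces` argument (a list of "addr/prefix" strings standing in for what a real UA would read from the OS) are my own assumptions, and the sample addresses are constructed from documentation ranges.

```python
"""Classify a destination IPv4 address against the 'private address' notions
discussed in the thread.  Added example; the labels, policy sets and
function signatures are assumptions, not the Opera or WARP definitions."""
import ipaddress

# The Opera model's "private" addresses as described in the message:
# RFC 1918 ranges and the RFC 3927 link-local range.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RFC3927 = ipaddress.ip_network("169.254.0.0/16")
# The two additions the message argues for: loopback and the device's own
# subnet(s) ("own IP address(es) masked by the appropriate subnet masks").
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

# Two candidate definitions of the "local network" security domain.
OPERA_PRIVATE = frozenset({"rfc1918", "link-local"})
PROPOSED_PRIVATE = OPERA_PRIVATE | {"loopback", "own-subnet"}


def classify(address, device_interfaces=()):
    """Return the frozenset of labels that apply to an IPv4 address string.

    Labels: 'loopback', 'rfc1918', 'link-local', 'own-subnet'.  An address
    can carry several (a 192.168.x.y host on the device's own /24 is both
    'rfc1918' and 'own-subnet'); a public address carries none.
    device_interfaces is an assumed input: "addr/prefix" strings for the
    UA device's own interfaces.  The ranges named in the thread are IPv4,
    so an IPv6 address simply matches nothing here.
    """
    ip = ipaddress.ip_address(address)
    labels = set()
    if ip in LOOPBACK:
        labels.add("loopback")
    if any(ip in net for net in RFC1918):
        labels.add("rfc1918")
    if ip in RFC3927:
        labels.add("link-local")
    for iface in device_interfaces:
        # ip_interface("198.51.100.10/24").network is 198.51.100.0/24
        if ip in ipaddress.ip_interface(iface).network:
            labels.add("own-subnet")
            break
    return frozenset(labels)


def local_network_allowed(address, device_interfaces=(), domain=OPERA_PRIVATE):
    """Policy decision: does this address fall inside the chosen definition
    of the local-network security domain?  Defaults to the Opera set;
    pass domain=PROPOSED_PRIVATE for the wider definition.  The check is
    on an address, so a UA would apply it after name resolution, not to
    the hostname in the access request."""
    return bool(classify(address, device_interfaces) & domain)


if __name__ == "__main__":
    # Constructed sample: a device holding a public /24 (TEST-NET-2 range).
    ifaces = ["198.51.100.10/24"]
    for host in ("10.1.2.3", "169.254.10.1", "127.0.0.1",
                 "198.51.100.20", "192.168.1.5", "203.0.113.7"):
        print(host, sorted(classify(host, ifaces)),
              "opera:", local_network_allowed(host, ifaces),
              "proposed:", local_network_allowed(host, ifaces, PROPOSED_PRIVATE))
```

Under the default (Opera-style) domain a loopback target and a host on the device's own public subnet are both outside the local-network domain; under the proposed set they are inside it, which is exactly the difference in flexibility the message is asking the group to weigh.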