- From: Adam Barth <w3c@adambarth.com>
- Date: Sat, 12 Dec 2009 19:17:15 -0800
- To: Jonas Sicking <jonas@sicking.cc>
- Cc: Arthur Barstow <Art.Barstow@nokia.com>, "ext Mark S. Miller" <erights@google.com>, Tyler Close <tyler.close@gmail.com>, Ian Hickson <ian@hixie.ch>, Maciej Stachowiak <mjs@apple.com>, Anne van Kesteren <annevk@opera.com>, public-webapps <public-webapps@w3.org>
On Thu, Dec 10, 2009 at 12:04 PM, Jonas Sicking <jonas@sicking.cc> wrote: > On Thu, Dec 10, 2009 at 10:53 AM, Arthur Barstow <Art.Barstow@nokia.com> wrote: >> Ideally, the group would agree on a single model and this could be achieved >> by converging CORS + UM, abandoning one model in deference to the other, >> etc. >> >> Can we all rally behind a single model? > > I'm not sure that we want to. My impression is that both models have > their advantages and risks. They basically implement two different > security design philosophies, and I'm not confident that there is a > winner, or that we can correctly pick one. I agree with Jonas. It seems unlikely we'll be able to design-by-commitee around a difference in security philosophy dating back to the 70s. > CORS seems easier in the simpler cases when no website acts as a > deputy. UM seems less likely to cause confused deputy problems when a > website acts as a deputy and receives urls from third parties (either > by fetching them over the network, or by having third party code > running in their domain using something like caja). I also agree with Jonas on these points. What might make the most sense is to let the marketplace decide which model is most useful. The most likely outcome (in my mind) is that they are optimized for different use cases and will each find their own niche. Adam
Received on Sunday, 13 December 2009 03:18:09 UTC