- From: Deian Stefan <deian@cs.stanford.edu>
- Date: Thu, 29 Jan 2015 16:54:01 -0800
- To: Brad Hill <hillbrad@gmail.com>, Yan Zhu <yzhu@yahoo-inc.com>, Chris Palmer <palmer@google.com>
- Cc: "public-webapps@w3.org" <public-webapps@w3.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>

Brad Hill <hillbrad@gmail.com> writes:

> Paging (future Dr.) Deian Stefan to the ER...
>
> Any thoughts on using COWL for this kind of thing, with a pinned crypto key
> as a confinement label to be combined with the regular Origin label?

Thanks for paging me! I've thought about something like this---providing some form of code integrity---in the context of COWL as well. The idea was to grant a worker the privilege corresponding to the (hash of the) source, in addition to its origin. This would allow a server to verify if the code it is communicating with is trustworthy. (COWL labels are not limited to origins.)

I really like Yan's use case. And I think it fits in pretty naturally with COWL: the app, if verification succeeds, can be granted the privilege corresponding to the (hash of the) crypto key: Privilege(https://cryptomail.yahoo.com).and(app-key:...). Other code from the same origin would only have Privilege(https://cryptomail.yahoo.com).

I think this may partly address Chris and Dev's concerns. But deciding when not to run the app code is still a question. Though I think the GitHub issue already brings this up.

Deian

Received on Friday, 30 January 2015 00:54:31 UTC
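
The privilege split described in the message above, as an added example that is not part of the original post and does not use the real COWL API. It models labels and privileges as plain conjunctions of principals (a simplification); `grantPrivilege`, `canDeclassify` and the key-hash strings are hypothetical names and constructed placeholder values.

```javascript
// Toy model, not the COWL API: a privilege or label is a conjunction
// (set) of principals such as an origin or "app-key:<hash>".
class Privilege {
  constructor(...principals) {
    this.principals = new Set(principals);
  }
  // Conjunction: the result speaks for the principals of both operands.
  and(other) {
    const extra = other instanceof Privilege ? [...other.principals] : [other];
    return new Privilege(...this.principals, ...extra);
  }
  // True when this privilege covers every principal named in the label.
  subsumes(label) {
    return [...label].every((p) => this.principals.has(p));
  }
  toString() {
    return [...this.principals].sort().join(" AND ");
  }
}

const ORIGIN = "https://cryptomail.yahoo.com";
// Constructed placeholder standing in for the hash of the pinned key.
const PINNED_KEY_HASH = "sha256-EXAMPLE-PINNED-KEY-HASH";

// Hypothetical loader step. verifiedKeyHash is the hash of the key whose
// signature over the app code verified, or null if verification failed.
function grantPrivilege(origin, verifiedKeyHash) {
  const base = new Privilege(origin);
  if (verifiedKeyHash !== PINNED_KEY_HASH) return base; // origin only
  return base.and("app-key:" + verifiedKeyHash);
}

// Data intended only for the verified app is labeled with both principals.
const mailKeyLabel = new Set([ORIGIN, "app-key:" + PINNED_KEY_HASH]);
const originLabel = new Set([ORIGIN]);

function canDeclassify(privilege, label) {
  return privilege.subsumes(label);
}

const signedApp = grantPrivilege(ORIGIN, PINNED_KEY_HASH);
const otherCode = grantPrivilege(ORIGIN, null); // same origin, unverified
const wrongKey = grantPrivilege(ORIGIN, "sha256-EXAMPLE-OTHER-KEY");

console.log(String(signedApp), canDeclassify(signedApp, mailKeyLabel));
console.log(String(otherCode), canDeclassify(otherCode, mailKeyLabel));
```

Code that fails verification still runs with the origin privilege in this model, which is the open question the message raises about when not to run the app code.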