W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2014

Re: [Integrity] Comments/Questions on Subresource Integrity spec

From: Tanvi Vyas <tanvi@mozilla.com>
Date: Tue, 22 Apr 2014 22:21:03 -0700
Message-ID: <53574DBF.8030506@mozilla.com>
To: Devdatta Akhawe <dev.akhawe@gmail.com>
CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
Thanks Dev and Brad for your responses!  Two things I'd still like to 
discuss (perhaps during tomorrow's call) -
* why do we need separate fallback mode and a block modes?  If the 
website wanted to fallback, they would include a src and a noncanonical 
source, along with an integrity attribute.  If they did not want to 
fallback, they would just provide the src and the integrity attribute.
* if the non canonical source fails the integrity check, should we 
require that the actual source be retrieved over https?

~Tanvi

On 4/21/14 7:47 PM, Devdatta Akhawe wrote:
> Hi
>
> Thanks for all the feedback! Comments inline:
>
>> Here it says that fonts are covered, but I don't see anything about fonts in
>> the spec.
> I have filed https://github.com/w3c/webappsec/issues/17
> I imagine one of the editors will get around to it in a future round of edits.
>
>> We could allow mixed active content loads that pass an integrity check
>> (instead of blocking them) and use the UI for mixed display content in these
>> cases (instead of showing the lock).
> yeah. That was one of the possibilities. There are arguments against
> it too, but the spec is not trying to prescribe anything here.
> Personally, I think this is best left to the browsers and how they
> feel their users are best served.
>
>> 2.1 - Key Concepts and Terminology
>> "The SHA-256, SHA-384, and SHA-512 are part of the SHA-2 set of
>> cryptographic hash functions defined..."
>> Looks like SHA-384 isn't used anywhere in the spec.
> I believe RFC6920 allows for using SHA-384. The spec only mandates
> SHA-256 and SHA-512. It might make sense to remove mention of SHA-384,
> but I am not sure if it is doing much damage right now.
>
>
>> Was there a discussion that these restrictions came out of?  I understand
>> the need for them but am worried if about overly constraining the feature.
>> Are there common instances where a resource may not be publicly cachable but
>> wouldn't have any private data or leak information?
> There was a bunch of discussion a while back. Unfortunately, it is
> spread over two threads because the initial thread had too much
> happening. See http://lists.w3.org/Archives/Public/public-webappsec/2014Jan/0005.html
> and http://lists.w3.org/Archives/Public/public-webappsec/2014Jan/0018.html
> The examples Michal came up with were pretty scary, imo.
>
>
>> 3.5 Verification of HTML document subresources
>> "...a new integrity attribute is added to the list of content attributes for
>> the a, audio, embed, iframe, link, object, script, source, track, and video
>> elements."
>> images are missing from this list.
> thanks! fixed.
>
>
>> 3.5.2 - Noncanonical source
> [skipping these parts since Brad seems to have already answered these]
>
>
>> 3.5.4 - Handling integrity violations
>> Why have separate block and fallback modes?  If the site didn't want to
>> fallback, they wouldn't have included a noncanonical source.
> I believe this is for cases where they don't have the noncanonical
> source and the integrity is applied to the main source.
>
>> 3.5.5.1 - The a element
>> "If subject has an integrity attribute whose value is not the empty string,
>> then:..."
>> What does subject refer to here?
> I think this is defined in the HTML5 spec
> http://www.w3.org/TR/html5/links.html#following-hyperlinks
>
>
>> 'If response’s integrity state is corrupt and the document’s integrity
>> policy is report, the user agent MUST report a violation, and can continue
>> with the download.'
> fixed!
>
> thanks again!
>
> regards
> Dev
Received on Wednesday, 23 April 2014 05:21:30 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:05 UTC