W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: [integrity]: latency tradeoffs

From: Michal Zalewski <lcamtuf@coredump.cx>
Date: Wed, 15 Jan 2014 11:18:38 -0800
Message-ID: <CALx_OUDe3UG6Juctxr7GejweVLP_2VcwRvUErm=DKaG1mRXcgA@mail.gmail.com>
To: Devdatta Akhawe <dev.akhawe@gmail.com>
Cc: Joel Weinberger <jww@chromium.org>, Adam Langley <agl@google.com>, Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
> My only concern: I am not sure whether we want to make this a
> requirement for the first version of the spec or make it a requirement
> in the second version.

The strongest use cases for integrity are for JS, CSS, fonts, and for
binary downloads. Most of these can't be really rendered speculatively
as they load; binary blobs are the only exception, I think, but they
do not benefit hugely from progressive validation.

There are peripheral use cases for "passive" multimedia (images,
video, audio). They are less valuable to attackers, but also depend
heavily on progressive loading. In these use cases, it feels like
progressive validation is pretty much a strict requirement.

There are also use cases for plugin-rendered documents (e.g., PDF),
but I'm not sure if we can make integrity work with plugins very
easily to begin with (?). The last use case would be for HTML in an
<iframe>, but I don't think that would offer any real benefits with
today's ads or gadgets.

/mz
Received on Wednesday, 15 January 2014 19:19:25 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC