Re: [integrity]: latency tradeoffs from Adam Langley on 2014-01-15 (public-webappsec@w3.org from January 2014)

From: Adam Langley <agl@google.com>
Date: Wed, 15 Jan 2014 14:34:50 -0500
To: Michal Zalewski <lcamtuf@coredump.cx>
Cc: Devdatta Akhawe <dev.akhawe@gmail.com>, Joel Weinberger <jww@chromium.org>, Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAL9PXLwvjS4OX6_ibmkfAw0Q-_1BvDA2NF6FYbOpa0c-NjTPcw@mail.gmail.com>

On Wed, Jan 15, 2014 at 2:18 PM, Michal Zalewski <lcamtuf@coredump.cx> wrote:
> The strongest use cases for integrity are for JS, CSS, fonts, and for
> binary downloads. Most of these can't be really rendered speculatively
> as they load; binary blobs are the only exception, I think, but they
> do not benefit hugely from progressive validation.

I *think* that Javascript is parsed incrementally at least and
possibility incrementally executed. However, you would have to ask
Adam Barth or Eric Seidel to be sure r.e. WebKit and Blink.

Cheers

AGL

Received on Wednesday, 15 January 2014 19:35:38 UTC