W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2014

Re: Isolated Web Components for a more secure web

From: Eduardo' Vela\ <evn@google.com>
Date: Tue, 1 Jul 2014 07:53:12 -0700
Message-ID: <CAFswPa_kmQcFTQW_Pskp7gqeoPGaYVub7VzHOuRwUPYcwUT8VA@mail.gmail.com>
To: Eduardo Robles Elvira <edulix@agoravoting.com>
Cc: public-webappsec@w3.org
On Jul 1, 2014 1:22 AM, "Eduardo Robles Elvira" <edulix@agoravoting.com>
wrote:
>
> On Mon, Jun 30, 2014 at 6:00 PM, Eduardo' Vela" <Nava> <evn@google.com>
wrote:
> > ShadowDOM used to have security properties but they got removed (not
sure
> > why, but when I took a look it was easy to work around them).
> >
> > It seems like this proposal is just iframes anyway right? Or how are the
> > isolated components different from iframes?
>
> Hello Eduardo:
Hi! :-)
>
> It's true that this has some resemblance to iframes, in the idea of
> having a shadow dom that is not accessible. Other than that, the only
> resemblance is the resemblance between iframes and web components. One
> could also ask, how are web components different from iframes, in
> general?
In that webcomponents don't have a security boundary.
>
> You don't want to use an iframe instead of a web component. You might
> have a web component being used multiple times in a single webpage,
> like for showing dates in github. And in that case you wouldn't use an
> iframe, would you?
Why not? I mean, I know that iframes are kind of slow in mobile (30 to
40ms), but its not terrible, you can always preload them, and with
sandboxed iframes you could arguably be able to recycle them.
> The proposal I made includes web component pinning
> and interation with the security features of the web browser. The idea
> of isolated web components is to be the equivalent of SSL for
> end-to-end user security.
>
> If browsers had isolated web-components, Google wouldn't have created
> "end-to-end" [1] as a chrome extension - it could have made it
> available in Gmail Labs as an isolated web component - that would work
> in multiple web browsers and have the same level of security. That's
> the real power of web components in isolation - and because such a
> thing cannot be currently done, that's why I think we need it.
Humm I'm not sure I understand this part. The reason e2e is a Chrome
Extension is because we (I'm the Tech Lead of End-To-End) didn't want
Google to have access to secret key material. As such, we had to make sure
the UI was separate from the GMail UI.
>
> Regards,
> Eduardo
Received on Tuesday, 1 July 2014 14:53:44 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC