Re: [MIX] Language improvement for authenticated origin definition

On Tue, Nov 18, 2014 at 8:44 AM, Jeffrey Yasskin <jyasskin@google.com> wrote:

> On Tue, Nov 18, 2014 at 8:04 AM, Mark Watson <watsonm@netflix.com> wrote:
>
>> All,
>>
>> I find the definition in terms of can X "use powerful features ?"
>> problematic, because the term "powerful features" is undefined and also a
>> matter of case-by-case judgement on the part of the responsible working
>> groups.
>>
>> It may also be the case that different "powerful features" choose to use
>> slightly different definitions. For example, Chrome's implementation of
>> WebCrypto works only if the Document's origin is authenticated whereas it's
>> been proposed that for EME any such restrictions be based on the origin of
>> the top-level browsing context.
>>
>
> As the editor of one of the specs that intends to use the "powerful
> features" definition (
> https://webbluetoothcg.github.io/web-bluetooth/#device-access-is-powerful),
> I'd much rather a security group define the restrictions for that, than
> need to figure it out on my own. The specs with political fights over this
> can include their own wording, but the rest of us should have a single
> definition to point to.
>

Absolutely. I'm not saying this group should not do the definition or that
it should change the definition. I'm just suggesting it be called something
with fewer ambiguous implications.


>
>> One could also see this procedure as a kind of backwards *definition* of
>> "powerful features", i.e. "Powerful Features are those features that may
>> only be used if the following procedure returns "Allowed".", and then my
>> comments are that it may not be only for this group to create such a
>> definition.
>>
>
> My spec currently uses the old "authenticated environment" phrase because
> I haven't updated it since the term changed, but I'll be fine saying that
> "Bluetooth is a powerful feature; follow the restrictions defined over
> there."
>

That's fine. What I mean is that you can decide whether the feature is
"powerful" or not and you can decide which of the restrictions defined by
webappsec apply to your feature (right now perhaps they only have one set
of restrictions available).

It's also entirely possible that a group decides the restrictions defined
by webappsec should be applied to some feature which is not "powerful" or
about which there is no consensus on whether it is "powerful" or not. The
webappsec language shouldn't preclude that.

...Mark


>
>> It would be better if the procedure were renamed in more concrete terms:
>> "Is Document's origin authenticated ?" or "Is Document potentially trusted
>> ?" etc.
>>
>> ...Mark
>>
>>
>>
>

Received on Tuesday, 18 November 2014 17:24:30 UTC