Re: Security use cases for packaging

Brad Hill <hillbrad@gmail.com> writes:

> Paging (future Dr.) Deian Stefan to the ER...
>
> Any thoughts on using COWL for this kind of thing, with a pinned crypto key
> as a confinement label to be combined with the regular Origin label?


Thanks for paging me! I've thought about something like this---providing
some form of code integrity---in the context of COWL as well.

The idea was to grant a worker the privilege corresponding to the (hash
of the) source, in addition to its origin. This would allow a server to
verify if the code it is communicating with is trustworthy.
(COWL labels are not limited to origins.)

I really like Yan's use case. And I think it fits in pretty naturally
with COWL: the app, if verification succeeds, can be granted the
privilege corresponding to the (hash of the) crypto key:
Privilege(https://cryptomail.yahoo.com).and(app-key:...).
Other code from the same origin would only have Privilege(https://cryptomail.yahoo.com).

I think this may partly address Chris and Dev's concerns.  But deciding
when not to run the app code is still a question. Though I think the
GitHub issue already brings this up.

Deian

Received on Friday, 30 January 2015 00:54:28 UTC
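
The privilege split described in the message above, as an added example that is not part of the original post and is not the COWL API. It is a simplified model in which a privilege is a set of principals; the function names, the Ed25519 key, and the package bytes are constructed for illustration.

```javascript
// Added illustration: simplified model of conjunctive privileges, NOT the COWL API.
const nodeCrypto = require('node:crypto');

// Constructed sample data: a developer signing key and a signed app package.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const appCode = Buffer.from('/* constructed packaged app source */');
const signature = nodeCrypto.sign(null, appCode, privateKey);

const ORIGIN = 'https://cryptomail.yahoo.com';

// Principal named after the hash of the pinned public key (hypothetical naming).
function keyPrincipal(pubKey) {
  const der = pubKey.export({ type: 'spki', format: 'der' });
  return 'app-key:' + nodeCrypto.createHash('sha256').update(der).digest('hex');
}

// Every script from the origin gets the origin principal. Only code whose
// signature verifies under the pinned key also gets the key principal.
function grantPrivilege(origin, code, sig, pinnedKey) {
  const principals = new Set([origin]);
  if (sig && nodeCrypto.verify(null, code, pinnedKey, sig)) {
    principals.add(keyPrincipal(pinnedKey));
  }
  return principals;
}

// Data labeled with a conjunction of principals is accessible only to a
// privilege that holds every principal in the label.
function canAccess(privilege, label) {
  return label.every((p) => privilege.has(p));
}

// Label for sensitive data: origin AND pinned app key.
const secretLabel = [ORIGIN, keyPrincipal(publicKey)];

// The verified app, and other same-origin code replaying the app's signature.
const verifiedApp = grantPrivilege(ORIGIN, appCode, signature, publicKey);
const otherCode = grantPrivilege(
  ORIGIN, Buffer.from('/* other same-origin script */'), signature, publicKey);
```

In this model, an XSS payload or any unsigned script on the origin ends up in the same position as `otherCode`: it holds the origin principal only, so it cannot reach data labeled with the conjunction.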