Re: Automatic private browsing upgrades

From: Mike West <mkwst@google.com>
Date: Thu, 3 Sep 2015 17:59:58 +0200
Message-ID: <CAKXHy=e-ZrXXXc1HhwTNtkxFt+mr0kfqrkU+JAJaouQWTgKQOw@mail.gmail.com>
To: Richard Barnes <rbarnes@mozilla.com>
Cc: Francois Marier <francois@mozilla.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, François Légaré <flegare@gmail.com>, Mark Nottingham <mnot@mnot.net>

On Thu, Sep 3, 2015 at 5:25 PM, Richard Barnes <rbarnes@mozilla.com> wrote:

> Well, this immediately runs into the problem that there's no specification
> of what Private Browsing / Incognito mode actually does.  Even when it
> comes to basic things like cookie lifetime, there are different behaviors
> among browsers.  There has been some effort to clean this up, but AFAIK,
> not much progress.

I think mnot@ was looking at this.

I agree that there's some value in trying to converge here, but I suspect
there's not a lot of shared vision for the mode at the fringes. Tracking
Protection, for instance, goes well beyond "Don't store data persistently.".

>> The long description (with mock-ups) is here:
>> https://wiki.mozilla.org/Security/Automatic_Private_Browsing_Upgrades
>> The above is a draft intended to start a discussion, but the main things
>> I'm wondering about are:
>> - Does it fit within our working group charter?
>> - Is CSP the right delivery mechanism?
>> - Should this be rolled into the clear-site-data spec instead?
> I feel like there are several current proposals dancing around a common
> concept:
> - Auto-PBM
> - Clear site data
> - Suborigins
> (This also relates to the Containers work that's going on in Firefox
> right now.
> https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers)
> All of these things relate to the origin security model being too loose,
> either in space (suborigins) or time (clear-site-data, auto-PBM).  Some of
> them (containers, auto-PBM) also carry along a notion that whatever
> constraints on the origin model are applied to the top-level site should
> also be transitively applied to its dependencies.
> I would rather we get this overall concept right than chase after these
> point solutions.

This sounds interesting, but also quite vague. What do you consider "this
overall concept"? :)

Received on Thursday, 3 September 2015 16:00:46 UTC