W3C home > Mailing lists > Public > public-webappsec@w3.org > September 2015

Re: A Somewhat Critical View of SOP (Same Origin Policy)

From: Tony Arcieri <bascule@gmail.com>
Date: Mon, 14 Sep 2015 08:43:20 -0700
Message-ID: <CAHOTMVLgeBSAZmQXNGgnv93t6XJrS8X1Lw+s_ondxpbRonUzYA@mail.gmail.com>
To: Rigo Wenning <rigo@w3.org>
Cc: "public-web-security@w3.org" <public-web-security@w3.org>, "Mike O'Neill" <michael.oneill@baycloud.com>, Anders Rundgren <anders.rundgren.net@gmail.com>, public-webappsec@w3.org
On Mon, Sep 14, 2015 at 4:57 AM, Rigo Wenning <rigo@w3.org> wrote:

> Coming on with the SOP as a drop dead argument against hardware security


SOP doesn't work with PKCS#11-style APIs. FIDO shows what's possible with
hardware tokens that respect the SOP, though.

-- 
Tony Arcieri
Received on Monday, 14 September 2015 15:44:09 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:15 UTC