Re: Signed and indexed packaging proposal. from Brad Hill on 2016-11-18 (public-webappsec@w3.org from November 2016)

From: Brad Hill <hillbrad@gmail.com>
Date: Fri, 18 Nov 2016 02:28:23 +0000
To: Martin Thomson <mt@mozilla.com>, Mike West <mkwst@google.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, yan zhu <yan@mit.edu>, Dmitry Titov <dimich@google.com>, Alex Russell <slightlyoff@google.com>
Message-ID: <CAEeYn8ixnOb3pSVkeCr1-OUErVLAn0ZPdgkKPB2QqG-hcLbVjQ@mail.gmail.com>

I also can't see the GitHub links from that discussion.

It sounds like this is about extending the set of content that can assert /
enter the security principal for a secure origin to offline packaged
content with an appropriate signature.

The cases that Yan and I are interested in are a bit different.  We would
like to create an application security principal (origin, sub-origin, etc.)
which _only_ a set of specifically identified and limited set of content
can assert.  (with the goal of being able to tell users definitively what
application codebase they are running to prevent partitioning and be
comparable against an audit report)

 I don't think the different ideas interfere destructively, though they
perhaps don't help each other, either.  I could be very wrong, though, will
have to be able to see the actual proposals.

-Brad

On Thu, Nov 17, 2016 at 6:08 PM Martin Thomson <mt@mozilla.com> wrote:

> On Thu, Nov 17, 2016 at 8:39 PM, Mike West <mkwst@google.com> wrote:
> > Dmitry from the Chrome team has put together a packaging proposal at
> >
> https://discourse.wicg.io/t/proposal-packaging-for-the-web-signed-and-indexed/1827
> > that's relevant to this group's interests. Review would be ever so much
> > appreciated.
>
> The link to the proposal is broken in a way I was unable to recover,
> so I can't comment.
>
> I abandoned signing for a variety of reasons, so I'd caution that this
> isn't trivial to get right.
>

Received on Friday, 18 November 2016 02:29:05 UTC