[whatwg] Updating Location Bar for RPC Type Apps

Do you have an idea of what the threat model might be?  I.e. who is 
attacking, why are they attacking, and how will they usually be attacking.

Brad

At 12:27 PM 4/22/2005, Ian Hickson wrote:
>On Fri, 22 Apr 2005, Brad Neuberg wrote:
> >
> > In fact, we should do a security, phishing, and annoyance scan (blink
> > tag anyone?) over the WHAT-WG draft itself sometime, forming a threat
> > model before so we know what potential attackers would actually be
> > trying to do.
>
>Yes, this would (naturally) be a good idea. I encourage anyone who has the
>time to do this regularly.
>
>(Of course, I'm thinking carefully about security whenever adding features
>to the draft, so hopefully there won't be any! But there always are...)
>
>--
>Ian Hickson               U+1047E                )\._.,--....,'``.    fL
>http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
>Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Brad Neuberg, bkn3 at columbia.edu
Senior Software Engineer, Rojo Networks
Weblog: http://www.codinginparadise.org

=====================================================================

Check out Rojo, an RSS and Atom news aggregator that I work on.  Visit 
http://rojo.com for more info. Feel free to ask me for an invite!

Rojo is Hiring!  If you're interested in RSS, Weblogs, Social Networking, 
Java, Open Source, etc... then come work with us at Rojo.  If you recommend 
someone and we hire them you'll get a free iPod!  See 
http://www.rojonetworks.com/JobsAtRojo.html. 

Received on Friday, 22 April 2005 16:13:14 UTC