- From: Brendan Long <self@brendanlong.com>
- Date: Thu, 26 Jun 2014 13:00:36 -0500
- To: Mikko Rantalainen <mikko.rantalainen@peda.net>, whatwg@lists.whatwg.org
On 06/26/2014 01:18 AM, Mikko Rantalainen wrote:
> However, the suggested hash signature is far from enough. Most popular
> libraries have means to load additional files and plugins and the
> suggested hash is able to "sign" only the main file. If you cannot
> trust the CDN provider, you cannot trust that the rest of the files
> have not been modified. An attacker could use *any* file in the CDN
> network for an attack. If your signature cannot cover *all* files,
> adding the signature is wasted effort. There's no need to provide any
> additional tools for false sense of security.

Couldn't the main file check any additional files it downloads, either by loading them via script tag with hash or by manually hashing them as they're downloaded (presumably easier once WebCrypto is adopted)?
Received on Thursday, 26 June 2014 18:01:39 UTC
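
The second option raised in the reply above (the main file hashing additional files itself with WebCrypto), as an added example that is not part of the original message. The function names, the `Map` of pinned hashes and the `sha256-<base64>` string format are assumptions made for illustration.

```javascript
// Added example; parseIntegrity, integrityFor, matchesIntegrity and
// loadVerified are hypothetical names, not an API from the thread.
const subtle = (globalThis.crypto && globalThis.crypto.subtle) ||
  (typeof require === "function" ? require("node:crypto").webcrypto.subtle : undefined);

const ALGS = { sha256: "SHA-256", sha384: "SHA-384", sha512: "SHA-512" };

// Split "sha256-<base64>" into a WebCrypto algorithm name and raw digest bytes.
function parseIntegrity(value) {
  const m = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})$/.exec(value);
  if (!m) throw new Error("unsupported integrity value: " + value);
  return { alg: ALGS[m[1]], digest: Uint8Array.from(atob(m[2]), c => c.charCodeAt(0)) };
}

// Build-time helper: the string the main file would pin for one extra file.
async function integrityFor(bytes) {
  const d = new Uint8Array(await subtle.digest("SHA-256", bytes));
  return "sha256-" + btoa(String.fromCharCode(...d));
}

// Hash the downloaded bytes and compare them with the pinned digest.
async function matchesIntegrity(bytes, integrity) {
  const { alg, digest } = parseIntegrity(integrity);
  const actual = new Uint8Array(await subtle.digest(alg, bytes));
  return actual.length === digest.length && actual.every((b, i) => b === digest[i]);
}

// Fetch an additional file and hand back its text only if the hash matches.
// `pins` is a Map of URL -> integrity string shipped inside the main file,
// so the hash on the main file also covers every pinned plugin.
async function loadVerified(url, pins, fetchImpl = globalThis.fetch) {
  const pinned = pins.get(url);
  if (!pinned) throw new Error("no pinned hash for " + url); // fail closed
  const res = await fetchImpl(url);
  if (!res.ok) throw new Error("fetch failed for " + url);
  const bytes = new Uint8Array(await res.arrayBuffer());
  if (!(await matchesIntegrity(bytes, pinned))) {
    throw new Error("integrity mismatch for " + url);
  }
  return new TextDecoder().decode(bytes); // caller runs it only after this point
}
```

Because the pins travel inside the main file, a hash on the main file transitively covers each file it loads this way; a file with no pin is refused rather than loaded unchecked.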