- From: Yngve Nysaeter Pettersen <yngve@opera.com>
- Date: Tue, 30 Jan 2007 16:48:34 +0100
- To: "Hal Lockhart" <hlockhar@bea.com>, "George Staikos" <staikos@kde.org>, "W3 Work Group" <public-wsc-wg@w3.org>
On Tue, 30 Jan 2007 16:31:17 +0100, Hal Lockhart <hlockhar@bea.com> wrote:

> I can think of a clarification and two more cases to think about.
>
> First, when you say all the content on a page is protected, does that
> imply it is all from the same site? (same in the sense of the XSS rules,
> e.g. *.example.com)

If "protected" means "served by TLS" with authentication and encryption I'd say that as long as all elements are served in such a manner the content of the page is protected. (One might argue about authentication-only ciphers, but those do not protect the data against eavesdropping, only modification.)

As I've mentioned earlier, there are a couple of corner cases, such as initial unsecure-to-secure redirects, where one would have to consider whether or not the resulting page can be considered secure.

> Second, what about pages with frames. Presumably all the frames are
> considered a page, but I believe frames can be updated individually.
> What happens if one frame goes insecure?
>
> Similar questions apply to an Ajax application. What happens if an
> update is not secure?

IMO, as soon as a frame, script, applet etc. requests data over an unsecure connection, the security level should be set to "not secure". That is the way Opera works.

An application usually has no way to tell how sensitive a resource is (for example: is it "just" a spacer image, or is it a graph that could possibly leak information about what a high profile investor would be investing in next?).

As should be apparent, I lean in the direction that mixing secure and unsecure content should not be permitted (we do at the moment due to interoperability concerns, but I'd rather not).

>> -----Original Message-----
>> From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
>> On Behalf Of George Staikos
>> Sent: Sunday, January 21, 2007 10:24 PM
>> To: W3 Work Group
>> Subject: Re: What is a secure page?
>>
>> Hmm does that mean that the location/url bar is going into the tab
>> too? :-)
>>
>> On 17-Jan-07, at 9:35 AM, Stuart E. Schechter wrote:
>>
>> >>> The FireFox 2 tabs contain a window close button that used to be part of
>> >>> the window frame. Presumably they were moved here because users didn't
>> >>> understand, or weren't comfortable with, the model in which a close icon for
>> >>> the window closed a tab.
>> >>
>> >> So that sounds like data that could be used to argue the scoping is
>> >> effective.
>> >>
>> >> Mez
>> >
>> > I don't understand the logic there. Firefox 2 is moving away from the
>> > model in which users are presumed to understand that all browser buttons
>> > within a window apply to the current tab. They are moving to a model in
>> > which you have to explicitly show the user that the button applies to the
>> > tab by putting it into the tab itself. How would you argue that this change
>> > supports the effectiveness of the scoping?
>>
>> --
>> George Staikos
>> KDE Developer http://www.kde.org/
>> Staikos Computing Services Inc. http://www.staikos.net/

--
Sincerely,
Yngve N. Pettersen

********************************************************************
Senior Developer                     Email: yngve@opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01
********************************************************************
Received on Tuesday, 30 January 2007 15:52:02 UTC
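
The rule stated in the message above (any frame, script or Ajax request over an unprotected connection drops the whole page to "not secure") can be modelled as a sticky page-level state. This is an added example, not part of the original e-mail and not Opera's code; every name, the sample URLs and the `countRedirectHops` switch for the redirect corner case are assumptions.

```javascript
// Added illustration: all names and sample loads are constructed, not Opera's code.
const SECURE = "secure";
const NOT_SECURE = "not secure";

// A hop is protected only when TLS supplied both authentication and encryption;
// an authentication-only cipher stops modification but not eavesdropping.
function hopIsProtected(hop) {
  return hop.scheme === "https" && hop.authenticated === true && hop.encrypted === true;
}

class PageSecurityState {
  // countRedirectHops is an assumption: the message leaves open whether an
  // unsecure-to-secure redirect taints the resulting page.
  constructor({ countRedirectHops = true } = {}) {
    this.countRedirectHops = countRedirectHops;
    this.level = SECURE;
    this.reasons = [];
  }

  // Record any load made on behalf of the page: document, frame, script, XHR.
  recordLoad({ kind, chain }) {
    const hops = this.countRedirectHops ? chain : chain.slice(-1);
    for (const hop of hops) {
      if (!hopIsProtected(hop)) {
        this.level = NOT_SECURE; // sticky: later secure loads never restore it
        this.reasons.push(`${kind}: ${hop.url}`);
      }
    }
    return this.level;
  }
}

// Constructed sample hops.
const tls = (url) => ({ url, scheme: "https", authenticated: true, encrypted: true });
const plain = (url) => ({ url, scheme: "http", authenticated: false, encrypted: false });
const authOnly = (url) => ({ url, scheme: "https", authenticated: true, encrypted: false });

function evaluate(loads, options) {
  const state = new PageSecurityState(options);
  loads.forEach((load) => state.recordLoad(load));
  return state;
}

const page = evaluate([
  { kind: "document", chain: [tls("https://bank.example/")] },
  { kind: "frame", chain: [tls("https://bank.example/menu")] },
  { kind: "xhr", chain: [plain("http://bank.example/update")] },
  { kind: "script", chain: [tls("https://bank.example/app.js")] },
]);
console.log(page.level, page.reasons);
```

The `reasons` list records which load caused the downgrade, which is the information a browser would need to explain the changed indicator to the user.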