- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Wed, 31 Jan 2007 09:29:30 -0500
- To: yngve@opera.com
- Cc: "Hal Lockhart" <hlockhar@bea.com>,"W3 Work Group" <public-wsc-wg@w3.org>
- Message-ID: <OF6B17B6B6.C1F5B5E4-ON85257274.004F9127-85257274.004F9B7D@LocalDomain>
Or a use case. I lean towards use case. Hal, is that covered in the use
cases?
Mez
Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect
"Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
Sent by: public-wsc-wg-request@w3.org
01/30/2007 01:15 PM
To
"Hal Lockhart" <hlockhar@bea.com>, "George Staikos" <staikos@kde.org>, "W3
Work Group" <public-wsc-wg@w3.org>
cc
Subject
Re: What is a secure page?
On Tue, 30 Jan 2007 19:01:40 +0100, Hal Lockhart <hlockhar@bea.com> wrote:
>
> By protected, I meant secure in the sense used at the start of this
> thread, i.e. does the browser currently show a padlock?
>
> So are you saying I can be looking at a page, marked with a padlock,
> with the URI and the main Frame from BusyBank.com (using TLS) and
> another Frame from EvilGuys.org (also using TLS)?
Yes, there is currently no concept about how to detect/handle third party
sites in the connection of secure secure vs. unsecure secure.
A number of sites also mix content from different servers.
One might also ask what constitutes a third party. Just consider foo.co.uk
and bar.co.uk.
Maybe a specific topic that needs to be discussed?
>> -----Original Message-----
>> From: Yngve Nysaeter Pettersen [mailto:yngve@opera.com]
>> Sent: Tuesday, January 30, 2007 10:49 AM
>> To: Hal Lockhart; George Staikos; W3 Work Group
>> Subject: Re: What is a secure page?
>>
>> On Tue, 30 Jan 2007 16:31:17 +0100, Hal Lockhart <hlockhar@bea.com> wrote:
>>
>> >
>> > I can think of a clarification and two more cases to think about.
>> >
>> > First, when you say all the content on a page is protected, does that
>> > imply it is all from the same site? (same in the sense of the XSS rules,
>> > e.g. *.example.com)
>>
>> If "protected" means "served by TLS" with authentication and
> encryption
>> I'd say that as long as all elements are served in such a manner the
>> content of the page is protected. (one might argue about
> authentication
>> only ciphers, but those do not protect the data against eavesdropping,
>> only modification)
>>
>> As I've mentioned earlier, there are a couple of corner cases, such as
>> initial unsecure-to-secure redirects where one would have to consider
>> whether or not the resulting page can be considered secure.
>>
>> > Second, what about pages with frames. Presumably all the frames are
>> > considered a page, but I believe frames can be updated individually.
>> > What happens if one frame goes insecure?
>> >
>> > Similar questions apply to an Ajax application. What happens if an
>> > update is not secure?
>>
>> IMO, as soon as a frame, script, applet etc. requests data over an
>> unsecure connection, the security level should be set to "not secure".
>> That is the way Opera works.
>>
>> An application usually has no way to tell how sensitive a resource is
>> (for example: is it "just" a spacer image, or is it a graph that could
>> possibly leak information about what a high profile investor would be
>> investing in next?). As should be apparent, I lean in the direction that
>> mixing secure and unsecure content should not be permitted (we do at the
>> moment due to interoperability concerns, but I'd rather not).
>>
>>
>> >> -----Original Message-----
>> >> From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
>> >> On Behalf Of George Staikos
>> >> Sent: Sunday, January 21, 2007 10:24 PM
>> >> To: W3 Work Group
>> >> Subject: Re: What is a secure page?
>> >>
>> >>
>> >>
>> >> Hmm does that mean that the location/url bar is going into the tab
>> >> too? :-)
>> >>
>> >> On 17-Jan-07, at 9:35 AM, Stuart E. Schechter wrote:
>> >>
>> >> >
>> >> >>> The FireFox 2 tabs contain a window close button that used to
>> >> >>> be part of the window frame. Presumably they were moved here because
>> >> >>> users didn't understand, or weren't comfortable with, the model in
>> >> >>> which a close icon for the window closed a tab.
>> >> >>
>> >> >> So that sounds like data that could be used to argue the scoping is
>> >> >> effective.
>> >> >>
>> >> >> Mez
>> >> >
>> >> > I don't understand the logic there. Firefox 2 is moving away from the
>> >> > model in which users are presumed to understand that all browser buttons
>> >> > within a window apply to the current tab. They are moving to a model in
>> >> > which you have to explicitly show the user that the button applies to the
>> >> > tab by putting it into the tab itself. How would you argue that this change
>> >> > supports the effectiveness of the scoping?
>> >> >
>> >> >
>> >> >
>> >>
>> >> --
>> >> George Staikos
>> >> KDE Developer http://www.kde.org/
>> >> Staikos Computing Services Inc. http://www.staikos.net/
>> >>
>> >>
>> >>
>> >
>> >
>>
>>
>>
>> --
>> Sincerely,
>> Yngve N. Pettersen
>>
>> ********************************************************************
>> Senior Developer Email: yngve@opera.com
>> Opera Software ASA http://www.opera.com/
>> Phone: +47 24 16 42 60 Fax: +47 24 16 40 01
>> ********************************************************************
>
--
Sincerely,
Yngve N. Pettersen
********************************************************************
Senior Developer Email: yngve@opera.com
Opera Software ASA http://www.opera.com/
Phone: +47 24 16 42 60 Fax: +47 24 16 40 01
********************************************************************
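The indicator rule Yngve states (any frame, script, applet or Ajax update fetched without TLS drops the page to "not secure") and the two questions the thread leaves open (a TLS frame from a different site, as in Hal's BusyBank.com/EvilGuys.org case, and an unsecure-to-secure redirect on the way to the page) as a small classifier over the URLs a page fetched. This is an added example, not code from the working group, from Opera or from any browser; the `Resource`/`Page` types, `classify`, `registrable_domain` and the tiny `PUBLIC_SUFFIXES` set are assumptions made for illustration.

```python
"""Classify a loaded page's security indicator from the URLs it fetched.

Added example, not code from the WSC working group, Opera or any browser.
It implements the rule stated in the thread: once any frame, script, applet,
image or Ajax update comes over a non-TLS connection, the indicator drops to
"not secure". It also surfaces the two open questions raised there without
deciding them: TLS content from a different site (BusyBank.com main frame
plus an EvilGuys.org frame), and an unsecure-to-secure redirect on the way
to the page. Resource, Page, classify and PUBLIC_SUFFIXES are assumptions.
"""
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Constructed stand-in for a public-suffix list. A real implementation needs
# the full list; this is just enough to tell foo.co.uk from bar.co.uk.
PUBLIC_SUFFIXES = {"com", "org", "net", "uk", "co.uk"}


def registrable_domain(host: str) -> str:
    """Return the eTLD+1 of host under PUBLIC_SUFFIXES (the "site" a resource belongs to)."""
    labels = host.lower().rstrip(".").split(".")
    # Try the longest candidate suffix first so "co.uk" wins over "uk".
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels)


@dataclass
class Resource:
    kind: str                                      # "frame", "script", "image", "xhr", ...
    url: str                                       # URL the bytes finally came from
    redirects: list = field(default_factory=list)  # earlier hops, in order


@dataclass
class Page:
    url: str
    resources: list
    redirects: list = field(default_factory=list)  # hops before the document URL


def is_tls(url: str) -> bool:
    return urlsplit(url).scheme == "https"


def classify(page: Page) -> dict:
    """Compute the indicator level plus the caveats the thread left open."""
    result = {
        "level": "secure",
        "reasons": [],
        "third_party": [],
        # Reported but not decided: the thread treats this as a corner case.
        "initial_redirect_insecure": any(not is_tls(u) for u in page.redirects),
    }
    if not is_tls(page.url):
        result["level"] = "not secure"
        result["reasons"].append("document not served over TLS")
        return result
    site = registrable_domain(urlsplit(page.url).hostname)
    for r in page.resources:
        # Every hop counts: a plain-http redirect that lands on https still
        # exposed that request to eavesdropping and tampering.
        insecure = [u for u in r.redirects + [r.url] if not is_tls(u)]
        if insecure:
            result["reasons"].append(f"{r.kind} fetched via non-TLS URL {insecure[0]}")
            continue
        host = urlsplit(r.url).hostname
        if registrable_domain(host) != site:
            # TLS-protected, but served by another site: flagged, not downgraded.
            result["third_party"].append(f"{r.kind} from {host}")
    if result["reasons"]:
        result["level"] = "not secure"
    return result


if __name__ == "__main__":
    # Constructed sample: Hal's BusyBank.com / EvilGuys.org case.
    page = Page("https://www.busybank.com/accounts", [
        Resource("image", "https://www.busybank.com/spacer.gif"),
        Resource("frame", "https://ads.evilguys.org/offer"),
    ])
    print(classify(page))
```

The third-party list is kept separate from the level on purpose: the thread agrees that a non-TLS fetch must downgrade the indicator, but has not settled whether a TLS frame from another site should. Keeping it as a distinct signal lets a UI (or a test suite) decide that policy later without changing the classifier.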
Received on Wednesday, 31 January 2007 14:29:46 UTC