- From: Timothy Hahn <hahnt@us.ibm.com>
- Date: Thu, 7 Jun 2007 07:13:49 -0400
- To: public-wsc-wg@w3.org
- Message-ID: <OFF77621A3.5C462C37-ON852572F3.003D129A-852572F3.003DB103@us.ibm.com>
Stephen, I certainly didn't want to constrain the proposal to require an implementation to build or use a "flat" set of profiles. I could even envision how the configuration could be built up of some cascading/over-riding/ordered set of profile chunks (think cascading style sheets or replacing whole sub-trees of a DOM tree). But all of this would be an implementation detail or technique in my opinion. As to the question about signed profiles, again, I think that is an implementaiton detail. Regards, Tim Hahn IBM Distinguished Engineer Internet: hahnt@us.ibm.com Internal: Timothy Hahn/Durham/IBM@IBMUS phone: 919.224.1565 tie-line: 8/687.1565 fax: 919.224.2530 Stephen Farrell <stephen.farrell@cs.tcd.ie> Sent by: public-wsc-wg-request@w3.org 06/07/07 06:56 AM To Timothy Hahn/Durham/IBM@IBMUS cc public-wsc-wg@w3.org Subject Re: ACTION-253 - new recommendation proposal available for comment Timothy Hahn wrote: > > Hi all, > > Per ACTION-253, I have provided a write-up of this proposal here: > http://www.w3.org/2006/WSC/wiki/RecommendationDisplayProposals/BrowserLockDown > > > I believe this completes the action. As at the f2f: I really like this. I reckon all more clever UA proposals will depend on this being done, or else be very brittle. One comment and one question: This seems to call for "flat" profiles where each one specifies all 7000 settings (at least implicitly). Did you think about composable profiles? E.g. where a named profile could be developed for say, active content (call that active-content-bad) and another profile for TLS settings (call that strict-pki), and then those might be composed, with a few additional settings into what some banking site would like (call that bigbank-preferred). Essentially this is the moral equivalent of: $ cat bigbank-preferred.h #include <active-content-bad.h> #include <strict-pki.h> #define MORESTUFF ... I guess the benefit would be that we could learn from one another more easily and have more commonality, the cost is added complexity that might (almost certainly would) turn into additional vulnerabilities (mainly down to deliberate or accidental overriding of selections probably). That was the comment:-) The question: Is there any way we can easily have these profiles be digitally signed? (Without inventing a new protocol.) As a user I'd like to be able to get 'em from local sysadmins, pals, the bank itself etc and not have to make a leap-of-faith each time. Unfortunately I think that is a new protocol. (Could we bend p3p to do this or something? Does p3p include signatures nowadays?) S.
Received on Thursday, 7 June 2007 11:14:11 UTC