On Wed, May 13, 2015 at 7:49 AM, Jonas Sicking <[email protected]> wrote: > On Tue, May 12, 2015 at 4:47 PM, Fabrice Desré <[email protected]> wrote: >> On 05/12/2015 04:30 PM, Tim Guan-tin Chien wrote: >>> Agree with the proposition too but I don't see the link between this >>> goal and the New Security Model. If trusted contents are still >>> delivered in packages, which is distinctively different from the rest >>> of the web? >> >> Look at packages like a transport layer. The important part is to have >> real public uris for these pages. There are "details" around the >> navigation from unprivileged to privileged content (and vice versa) that >> are yet to really be figured out. > > Exactly. Packages are not that different from http/2. In both > scenarios the client effectively download multiple HTTP URLs using a > single network request. It's just that packages force those URLs to > live in the same directory, and enables us to attach some metadata to > that directory. > > / Jonas
Right, the word "package" is not my topmost concern. My concern has always been around how signing is coupled with offline capabilities. It gives people false assumption that (1) only signed content works offline and (2) it give us headache when trying to figure out how AppCache or Service Worker with signed hosted content. (1) makes it accidentally easier to make FxOS-only app offline than any Web content, so many developers choose to do so (as evidenced on Marketplace) (2) makes the whole thing complex engineering-wise. I would like to see a security model where we only add a signature layer on top of the current web. I do think packages can be as useful as HTTP/2 or can be extended to affect http caching, but such feature offerings to the Web should be decoupled from the security model, if possible. The conversation I have with :paulj last time was that we have a security requirement where we must sign and verify trust contents (i.e. all it's resources) as whole, so there is no point NOT to deliver (and sign) everything as a package. I don't know if that is still the only compiling reason for us to couple security model w/ packaging. Tim _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
