On Mon, Apr 13, 2015 at 3:00 PM, Frederik Braun <fbr...@mozilla.com> wrote:
> On 13.04.2015 20:52, david.a.p.ll...@gmail.com wrote:
> >
> >> 2) Protected by subresource integrity from a secure host
> >>
> >> This would allow website operators to securely serve static assets from
> >> non-HTTPS servers without MITM risk, and without breaking transparent
> >> caching proxies.
> >
> > Is that a complicated word for SHA512 HASH? :) You could envisage a new
> > http URL pattern http://video.vp9?<SHA512-HASH>
>
> I suppose Subresource Integrity would be http://www.w3.org/TR/SRI/ -
>
> But, note that this will not give you extra security UI (or less
> warnings): Browsers will still disable scripts served over HTTP on an
> HTTPS page - even if the integrity matches.
>
> This is because HTTPS promises integrity, authenticity and
> confidentiality. SRI only provides the former.
>

I agree that we should probably not allow insecure HTTP resources to be looped in through SRI. There are several issues with this idea, but the one that sticks out for me is the risk of leakage from HTTPS through these http-schemed resource loads. For example, the fact that you're loading certain images might reveal which Wikipedia page you're reading.

--Richard
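
Added example, not part of the thread or of any browser's code: a simplified Python model of the behaviour described above, where an HTTPS page refuses an http:// script before the integrity value is ever consulted. The function names, hosts and script body are constructed for illustration, and the mixed-content rule is reduced to a scheme comparison.

```python
import base64
import hashlib
from urllib.parse import urlsplit

# Hash algorithms SRI defines, weakest to strongest.
_STRENGTH = {"sha256": 0, "sha384": 1, "sha512": 2}


def sri_value(body: bytes, alg: str = "sha512") -> str:
    """Build an integrity token such as 'sha512-<base64 digest>'."""
    digest = hashlib.new(alg, body).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


def integrity_matches(body: bytes, integrity: str) -> bool:
    """Check body against a space-separated integrity attribute.

    Only the strongest algorithm present is consulted; unknown tokens are
    ignored, and an attribute with no usable token imposes no restriction.
    """
    tokens = []
    for tok in integrity.split():
        alg, sep, rest = tok.partition("-")
        if sep and alg in _STRENGTH:
            tokens.append((alg, rest.split("?", 1)[0]))  # drop ?options
    if not tokens:
        return True
    best = max(tokens, key=lambda t: _STRENGTH[t[0]])[0]
    actual = sri_value(body, best).split("-", 1)[1]
    return any(alg == best and b64 == actual for alg, b64 in tokens)


def load_script(page_url: str, src: str, integrity: str, body: bytes) -> str:
    """Simplified model of loading <script src=... integrity=...>."""
    page, res = urlsplit(page_url), urlsplit(src)
    # Mixed-content blocking runs first and never looks at `integrity`.
    if page.scheme == "https" and res.scheme == "http":
        return "blocked: mixed content"
    if not integrity_matches(body, integrity):
        return "blocked: integrity mismatch"
    return "loaded"


# Constructed sample data; the hosts used with it are placeholders.
SCRIPT = b"console.log('static asset');"
PINNED = sri_value(SCRIPT)
```

With a matching hash, `load_script("https://site.example/", "http://cdn.example/app.js", PINNED, SCRIPT)` is still blocked as mixed content, while the same call with an https:// source loads.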