On Wed, Jul 10, 2019 at 2:41 PM housley--- via dev-security-policy < [email protected]> wrote:
> People find logos very helpful. That is why many browsers display a tiny > logo in the toolbar. > Are you talking the favicon? An attacker controlled resource which should not be used for trust, and in many browsers, is no longer displayed in in the toolbar, except for sites the user has visited? > I would suggest that a better way forward is to start the hard work on the > validation process. It will not be difficult for that to become more > robust and accessible than the logos in the toolbar. > You're right, it would be fairly easy, because there is no such validation, nor is there need for it. Thus, it seems any suggestion at validation is significantly less robust, accessible, or useful. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
