On Monday, March 19, 2012 6:33:41 PM UTC, Ian Bicking wrote:
> On Mon, Mar 19, 2012 at 10:19 AM, Andreas Gal <[email protected]> wrote:
>
> > I think the same system works just fine, with a twist. For highly
> > privileged APIs only trusted stores can grant access and those stores can
> > require to host your code from a domain they control. This requires much
> > less reinventing the web than the signature idea. The Mozilla store for
> > example can require that all highly trusted apps are hosted at
> > app5472.mozilla.org etc. For many stores app hosting will be part of the
> > service they use to compete for developers.
> >
>
> This is an interesting tweak; I'm guessing it means something like a
> Content Security Policy (CSP:
> https://developer.mozilla.org/en/Introducing_Content_Security_Policy)

brilliant: i was looking for that definition. now i understand what's being
referred to. i note it's been added here, which is great!
https://wiki.mozilla.org/Apps/Security#Definitions

ok. so. a summary of the problems with using SSL - and CSP,
and "pinning" - is described here:
https://wiki.mozilla.org/Apps/Security#The_Problem_With_Using_SSL

the summary: it's too complex to deploy, and its deployment results in
the site becoming a single-point-of-failure [think: 1,000,000 downloads
of angri burds a day].

l.
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security