On 3/26/2012 5:47 AM, Paul Theriault wrote:
>
>>> What do you mean by 'Code Enumerated in the Manifest'?
>> Unless this has changed recently, I believe we are using appcache for
>> installable apps. Appcache requires a manifest that contains an explicit
>> list of assets to assure they can be cached locally and that the app will
>> work offline and be performant when network connectivity is poor /
>> inconsistent.
>> http://www.whatwg.org/specs/web-apps/current-work/multipage/offline.html
>> Lucas.
> When you stated "Code Enumerated in the Manifest" I had thought you meant
> the signature of the application as described by the Web App manifest, not
> the appcache manifest.
>

Good point. I'm thinking the best way forward might be to document that installed apps should be "strongly authenticated" and leave it at that until after we've enumerated the expected behavior of webAPIs for each application type. That will really flesh out the risks inherent in each app category, and we can have a more productive discussion on how to mitigate the resulting risk. Otherwise we're debating security model implementations (SSL vs code signing) without having established what exactly we are trying to protect.

Lucas.

> I'd suggest that for "Installable Web Applications" should be more related
> to the Web App manifest, i.e. the domain or domains that make up that web
> app, something like:
>
> Scope: Security permissions are granted to the domain hosting the Web App
> manifest
>
> (or "Security permissions are granted to the domains/endpoints enumerated
> in the manifest" if we move towards a multi-domain/multi-page app scope as
> is being discussed in this thread:
> https://groups.google.com/d/topic/mozilla.dev.webapps/90VfuxnmWYQ/discussion)
>
> And then leave the trusted/core/os-level scope as "code enumerated in the
> manifest", as these are the applications where we need to explicitly
> enumerate the codebase, so that integrity of the code can be enforced. But
> then the Web App manifest will need to be extended to outline how this code
> is enumerated, as it doesn't currently AFAIK (maybe just by referencing an
> appcache manifest)
>
> - Paul

_______________________________________________
dev-security mailing list
https://lists.mozilla.org/listinfo/dev-security
