The whole concept of trusted apps being trusted in their UI is somewhat different than we had originally been thinking (where apps were trusted to use particularly sensitive APIs). If we're going to consider this case (and I think it is reasonable to at least consider it), it leads to some further questions. First, is there a way to tell a trusted app from a webby app? Do we want to apply a lock overlay on the app icon to indicate it is trusted? Or flash a lock icon as the app launches, or something else? If it is just me having to remember which apps I have installed are trusted apps, this seems like a poor solution as most people aren't going to be able to do that. Second question, is there a way to tell if an app (either trusted or not) is using SSL to fetch content? Browsers display something in the chrome in the case of SSL connections. Apps don't have any chrome, so is there a way for a user to tell how the app is connecting to the home server or other third party servers? It seems to be something that might be useful to users. -Jim Straus
On Jul 13, 2012, at 6:30 AM, Henri Sivonen wrote: > Verifying that you are interacting with an entity you "trust" (as > opposed to receiving bytes certified in advance by a third party) is > already a solved problem on the Web: https. I suggest that the B2G > security model attached trust to suppliers of applications rather than > to particular bits of client-side application code. This way, there's > no need to solve the problem of verifying signatures on client-side > pieces of application code and it's possible to instead focus on > hardening https identity verification e.g. by pinning the https > private key of the trusted app so that the app is safe against attacks > leveraging the multitude of CAs. > _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
