On Thu, 04 Dec 2008 15:42:46 +0100, Thomas Roessler <[EMAIL PROTECTED]> wrote:
Have you considered what the requirements would be for external
resources, e.g., scripts sourced through a script tag?
That would have to be determined by a security model that applies to the signed
package. Opera's implementation could for instance allow:
<script src="https://good.example.com/script.js";></script>
... while it could deny
<script src="http://bad.example.com/script.js";></script>
--
Arve Bersvendsen
Developer, Opera Software ASA, http://www.opera.com/
