On Mon, Dec 14, 2009 at 10:16 AM, Adam Barth <[email protected]> wrote:
> On Mon, Dec 14, 2009 at 5:53 AM, Jonathan Rees <[email protected]>
> wrote:
>> The only complaint I know of regarding UM is that it is so complicated
>> to use in practice that it will not be as enabling as CORS
>
> Actually, Tyler's UM protocol requires the user to confirm message 5
> to prevent a CSRF attack. Maciej's CORS version of the protocol
> requires no such user confirmation. I think it's safe to say that
> asking the user to confirm security-critical operations is not a good
> approach.
For Ian Hickson's challenge problem, I came up with a design that does
not require any confirmation, or any other user interaction. See:

http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/1232.html

That same design can be used to solve Maciej's challenge problem.

--Tyler

--
"Waterken News: Capability security on the Web"
http://waterken.sourceforge.net/recent.html
