Brad Hill <hillb...@gmail.com> writes:
> Paging (future Dr.) Deian Stefan to the ER...
>
> Any thoughts on using COWL for this kind of thing, with a pinned crypto key
> as a confinement label to be combined with the regular Origin label?

Thanks for paging me!

I've thought about something like this---providing some form of code integrity---in the context of COWL as well. The idea was to grant a worker the privilege corresponding to the (hash of the) source, in addition to its origin. This would allow a server to verify if the code it is communicating with is trustworthy. (COWL labels are not limited to origins.)

I really like Yan's use case. And I think it fits in pretty naturally with COWL: the app, if verification succeeds, can be granted the privilege corresponding to the (hash of the) crypto key: Privilege(https://cryptomail.yahoo.com).and(app-key:...). Other code from the same origin would only have Privilege(https://cryptomail.yahoo.com).

I think this may partly address Chris and Dev's concerns. But deciding when not to run the app code is still a question. Though I think the github issue already brings this up.

Deian