On Fri, Sep 18, 2009 at 6:27 AM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:
Although the draft has expired, the concept lives on in various tools. For
example DownThemAll for Firefox supports this. There was some discussion
about including it into FF3, but then the draft was dropped and
On Thu, Aug 27, 2009 at 11:57 PM, Brian Warner war...@lothar.com wrote:
== Integrity ==
To start with integrity-checking, we could imagine a firefox plugin that
validated a PyPI-style #md5= annotation on everything it loads. The rule
would be that no action would be taken on the downloaded
On Sep 15, 2009, at 4:12 PM, James A. Donald wrote:
The ideas used in Tahoe are useful tools that can be used to solve
important problems.
Yes, and I'd be happy to opine on that as soon as someone told me what
those important problems are.
--
Ivan Krstić krs...@solarsail.hcs.harvard.edu
On Aug 27, 2009, at 2:57 PM, Brian Warner wrote:
I've no idea how hard it would be to write this sort of plugin. But
I'm
pretty sure it's feasible, as would be the site-building tools. If
firefox had this built-in, and web authors used it, what sorts of
vulnerabilities would go away? What
Ivan Krsti wrote:
What you're proposing amounts to a great deal of complex and complicated
cryptography. If it were implemented tomorrow, it would take years for
the most serious of implementation errors to get weeded out, and some
years thereafter for proper interoperability in corner cases.