Hi! On 16.04.19 14:29, intrigeri wrote: > jvoisin: >>> General security implications >>> ----------------------------- >>> >>> The question we are asking ourselves is: are there any predictable >>> downsides to move the verification code from an extension to the website? > >> I don't see any significant downsides. > > I could not find any either, as long as the threat called [H] in the > design doc of the current system can be mitigated, either in the same > way as what we currently do (see Cross-origin communication and > Content Security Policy paragraphs) or in other ways.
Noted. I think that we would need to and we'll be able to tighten the Cross-origin policy compared to what the extension currently does. > One rather minor implementation note, that's relevant in this context > only because any software is only as secure as the _version run by > actual users_: this migration increases the need to ensure web > browsers use the correct version of the relevant web resources (such > as JavaScript files), to replace the extension version check we > currently have, which is done for every download. At the moment JS can > be cached for 24h. We have a ticket about this already; I think it > needs to be part of the migration plan. I don't think this increases this need: it's still the same as it is now, as the Installation Assistant already uses Javascript files hosted on the server. Is the ticket you are talking about this one: https://redmine.tails.boum.org/code/issues/16091? (It's about CSS, not JS, but I suspect the exact same issue applies.) Cheers! u. _______________________________________________ Tails-dev mailing list [email protected] https://www.autistici.org/mailman/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
