Nelson Bolyard wrote:

> I believe you're saying that the browser grants too much access to signed
> files.

He's saying that simply signing is nothing in itself. Once signed, files can ask for certain privileges. The set of privileges is somewhat coarse-grained (being fine-grained would involve having tens of thousands of possible privileges one can request). Therefore, by definition, granting these privileges means granting more access than the signed file actually needs.

> The issue is not with the signatures on the files, but with the
> access that the browser grants to them. Is getting rid of signed files
> necessary to solve the problem of the browser granting them too much access?

We're discussing dropping the ability of signed HTML pages to request extra access rights. Per above, I do think dropping this ability is needed to solve the problem of granting such files too much access. I'm not sure whether that's the meaning you understood for "getting rid of signed files".

> With DNS spoofing on the rise, and MITM attacks becoming more prevalent
> (for non SSL sites), is it wise to lessen our resistance to spoofed
> downloads?

I'm not sure what exactly you're asking here.

-Boris
