This strangeness occurred to me too. The assumption indeed is that the user expresses trust on sites converted to app tabs; he will check his location and the security UI before converting the tab to an app tab. Once it is an app tab, any links directing the user off the site will open in a new standard tab, so that the user won't be switching top-level document domains in the app tab.
There are two other things to consider. There must be a way to get at the security/SSL UI; this will be available when the user clicks the app tab's icon. Also, certificate errors should be obvious; the usual security warnings will show up if there are cert errors. We've briefly discussed downgrading the app tab to a regular tab if the certificate's security properties change (e.g., EV->DV, or a new cert shows up, etc.). We also briefly discussed what would cause the tab downgrade to happen (e.g., should we downgrade when the cert changes even if it's valid? This would hose CDNs).

Cheers,
Sid

On 6/24/10 11:18 p, Devdatta Akhawe wrote:
> Hi
>
> I was looking at
> http://blog.mozilla.com/faaborg/2010/06/24/why-tabs-are-on-top-in-firefox-4/
> and noticed the app tabs feature being talked about. I am concerned
> about the security implications of app tabs. I can't seem to notice
> any trusted indicator of my current location while in an app tab
> (slide over to 2:30 in the video). It seems like this would make app
> tabs ripe for phishing attacks.
>
> Is the assumption that the user will always first check his location
> and only then convert to app tabs? What exactly is the model here?
>
> thanks
> devdatta

_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security