> The assumption indeed is that the user expresses trust on sites
> converted to app tabs; he will check his location and the security UI
> before converting the tab to an app tab.

I am not sure how the app tab UI will work - but if it's going to be as simple as 'right click - make app tab' then I don't think this assumption is warranted. If there is a pop-up from the browser "blahblah.com wants to be an app? Do you trust it?" then maybe I can buy that assumption.

> We've briefly discussed downgrading the app tab to a regular tab if the
> certificate's security properties change (e.g., EV->DV, or a new cert
> shows up, etc). We also briefly discussed what would cause the tab
> downgrade to happen (e.g., should we downgrade when the cert changes
> even if it's valid? This would hose CDNs).

I am not sure if a downgrade would be noticed. Wouldn't a notification - 'something bad happened' - be better? imho, if the cert changes from EV->DV we should downgrade, but a DV->DV/EV->EV change might not matter much.

thanks
devdatta

On 25 June 2010 12:17, Sid Stamm <[email protected]> wrote:
> This strangeness occurred to me too.
>
> The assumption indeed is that the user expresses trust on sites
> converted to app tabs; he will check his location and the security UI
> before converting the tab to an app tab. Once it is an app tab, any
> links directing the user off the site will open in a new standard tab,
> so that the user won't be switching top-level document domains in the
> app tab.
>
> There are two other things to consider. There must be a way to get at
> the security/SSL UI; this will be available when the user clicks the app
> tab's icon. Also, certificate errors should be obvious; the usual
> security warnings will show up if there are cert errors.
>
> We've briefly discussed downgrading the app tab to a regular tab if the
> certificate's security properties change (e.g., EV->DV, or a new cert
> shows up, etc). We also briefly discussed what would cause the tab
> downgrade to happen (e.g., should we downgrade when the cert changes
> even if it's valid? This would hose CDNs).
>
> Cheers,
> Sid
>
>
>
> On 6/24/10 11:18 p, Devdatta Akhawe wrote:
>> Hi
>>
>> I was looking at
>> http://blog.mozilla.com/faaborg/2010/06/24/why-tabs-are-on-top-in-firefox-4/
>> and noticed the app tabs feature being talked about. I am concerned
>> about the security implications of app tabs. I can't seem to notice
>> any trusted indicator of my current location while in an app tab
>> (slide over to 2:30 in the video). It seems like this would make app
>> tabs ripe for phishing attacks.
>>
>> Is the assumption that the user will always first check his location
>> and only then convert to app tabs? What exactly is the model here?
>>
>>
>> thanks
>> devdatta
> _______________________________________________
> dev-security mailing list
> [email protected]
> https://lists.mozilla.org/listinfo/dev-security
