On Wed, 29 Aug 2007 17:12:44 +0200, Williams, Stuart (HP Labs, Bristol)
<[EMAIL PROTECTED]> wrote:
1) The TAG would like the introduction to the document to contain a
fuller account of the rationale behind the existing UA sandbox policy and
the attacks that it is intended to guard against. For example, we
believe that
one of the key use-cases that the sandbox policy is intended to address
is
leakage of confidential information from behind a firewall arising from
either accidental or malicious scripted behaviour executing within the
UA.
That is correct. I mentioned this now in the introduction:
http://dev.w3.org/2006/waf/access-control/Overview.html#introduction
We would then like the document to indicate whether there are
situations where implementation of the Read Access Control Policy
mechanism would make a UA and the network to which it is attached any
more vulnerable to
attack.
We think that the increased risk is probably small, but we believe
that the document should present more analysis than it does at present.
I tried making this more clear in the security section:
http://dev.w3.org/2006/waf/access-control/Overview.html#security
My apologies for the late reply. I've been busy with some other tasks.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
