[prev in list] [next in list] [prev in thread] [next in thread]
List: cryptography-randombit
Subject: Re: [cryptography] How to safely produce web pages from multiple sources?
From: Florian Weimer <fw () deneb ! enyo ! de>
Date: 2012-08-30 19:03:18
Message-ID: 877gsgcidl.fsf () mid ! deneb ! enyo ! de
[Download RAW message or body]
* James A. Donald:
> How does Bob make sure his web page cannot have its secrets leaked,
> nor can the content that Bob intends to control be controlled by
> Malloc, so that Malloc cannot man-in-the-middle, cannot spy on, nor
> change, the conversation between Bob and Carol, cannot lead Carol to
> think Bob said something different from that which he intended to say,
> nor lead Bob to think that Carol clicked on something other than that
> which she clicked on?
Serve the content from a different domain, possibly using an IFRAME.
The browser security model is supposed to make this safe.
This does not prevent semantic attacks, when users get confused about
which web site they are actually using.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic