Opened at 2008-03-23T02:10:11Z
Last modified at 2024-08-27T16:04:40Z
#366 assigned defect
address Nathan Wilcox's concerns about "Tahoe and the browser security model" — at Initial Version
| Reported by: | zooko | Owned by: | nobody |
|---|---|---|---|
| Priority: | major | Milestone: | eventually |
| Component: | code-frontend-web | Version: | 0.9.0 |
| Keywords: | security capleak docs websec | Cc: | nejucomo |
| Launchpad Bug: |
Description
On the mailing list Nathan Wilcox posted some general concerns about how Tahoe's WUI relies on a security model which is different than the one almost everyone thinks of when they think of web browsers and URLs.
It is through such cracks between people's models that security failures slip (according to Ross Anderson's book Security Engineering).
If we could address these concerns, at least by documentation, for Tahoe v1.0 I would feel better.
Note: See
TracTickets for help on using
tickets.
