#471: Securer Contexts

Visit on Github.

Opened Feb 5, 2020

Hello TAG!

I'm requesting a TAG review of Secur<em>er</em> Contexts.

Secure Context's threat model encompasses the transport layer. This proposal would extend it to include attackers with the ability to inject code into a victim's document (by tricking either the server or client-side code), and attackers who seek to include a victim's resources into a context where they may be vulnerable to side-channel attacks. This extension of the threat model would allow us to likewise extend the [SecureContext] IDL attribute to express new requirements for new mitigations.

  • Explainer: https://github.com/mikewest/securer-contexts/
  • Security and Privacy self-review: This is not a new feature in the typical sense, but a discussion of the ways in which I'd like us to collectively be able to restrict new (and existing!) features. I think it would feed into the self-review process, as opposed to being directly subject to it (but I'm happy to fill out the questionnaire if y'all disagree about its relevance).
  • Primary contacts (and their relationship to the specification):
    • Mike West (@mikewest, Google)
  • Organization/project driving the design: Moi.
  • External status/issue trackers for this feature (publicly visible, e.g. Chrome Status): None yet. This seems solidly architectural in nature, so I came to y'all first. I intend to send it to WebAppSec (and Twitter, I suppose) directly after filing this bug.

Further details:

  • I am passingly familiar with the TAG's API Design Principles, and in particular its discussion of Secure Contexts in Section 2.10.
  • The group where the work on this design is being done (or is intended to be done in the future): WICG -> WebAppSec + IDL
  • Existing major pieces of multi-stakeholder review or discussion of this design: None.
  • Major unresolved issues with or opposition to this design: None.
  • This work is being funded by: Google, via my paychecks.

You should also know that the TAG was the venue in which Secure Contexts began (hello, @diracdeltas!).

We'd prefer the TAG provide feedback as (please delete all but the desired option) review feedback as a comment in this issue, @-notifying @mikewest.

:heart:

Discussions

2020-02-10

Minutes

David: We have none of the assignees here...

David: Maybe a face-to-face issue? But will we have time to discuss in depth there?

Tess: At least push it out a week until we have the assignees

2020-02-17

Minutes

Peter: was just bumped due to lack of peopl

2020-03-23

Minutes

Dan & Peter will organize a separate breakout session on Friday