Re: [Tails-dev] Security implications: moving code from Veri…

Author: intrigeri
Date:  
To: tails-dev
Subject: Re: [Tails-dev] Security implications: moving code from Verification Extension to our website
Hi,

jvoisin:
>> General security implications
>> -----------------------------
>>
>> The question we are asking ourselves is: are there any predictable
>> downsides to moving the verification code from an extension to the website?


> I don't see any significant downsides.


I could not find any either, as long as the threat called [H] in the
design doc of the current system can be mitigated, either in the same
way as what we currently do (see Cross-origin communication and
Content Security Policy paragraphs) or in other ways.

One rather minor implementation note, that's relevant in this context
only because any software is only as secure as the _version run by
actual users_: this migration increases the need to ensure web
browsers use the correct version of the relevant web resources (such
as JavaScript files), to replace the extension version check we
currently have, which is done for every download. At the moment JS can
be cached for 24h. We have a ticket about this already; I think it
needs to be part of the migration plan.

> I think that having the verification happening on the website will
> vastly improve the user experience and is a great idea.


+1

Cheers,
--
intrigeri
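
The caching concern raised in the message above, as an added example that is not part of the original message or of the Tails code base: it computes, from a response's HTTP caching headers (RFC 9111 freshness rules for a browser cache), how long a browser may keep running a cached script without contacting the server. The URLs, header values and the 3600-second limit are constructed assumptions.

```javascript
// Split a Cache-Control value into a Map of lower-cased directive -> argument ("" if none).
function parseCacheControl(value) {
  const directives = new Map();
  for (const part of (value || "").split(",")) {
    const [name, ...rest] = part.trim().split("=");
    if (name) directives.set(name.toLowerCase(), rest.join("=").replace(/^"|"$/g, ""));
  }
  return directives;
}

// Seconds a browser may keep reusing this response without contacting the server.
// Returns null when no explicit lifetime is given (heuristic caching, browser-dependent).
function staleWindowSeconds(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const cc = parseCacheControl(h["cache-control"]);
  // no-store: never kept; unqualified no-cache: revalidated before every reuse.
  if (cc.has("no-store") || cc.get("no-cache") === "") return 0;
  let lifetime;
  if (cc.has("max-age")) {
    lifetime = /^\d+$/.test(cc.get("max-age")) ? Number(cc.get("max-age")) : NaN;
  } else if (h["expires"] && h["date"]) {
    lifetime = (Date.parse(h["expires"]) - Date.parse(h["date"])) / 1000;
  } else {
    return null;
  }
  if (!Number.isFinite(lifetime)) return 0; // malformed value: treated as already stale
  const age = /^\d+$/.test(h["age"] || "") ? Number(h["age"]) : 0; // time spent in upstream caches
  return Math.max(0, lifetime - age);
}

// Flag scripts whose stale window exceeds the limit (maxAllowedSeconds is a hypothetical policy).
function auditScripts(responses, maxAllowedSeconds) {
  return responses.map(({ url, headers }) => {
    const seconds = staleWindowSeconds(headers);
    return { url, seconds, ok: seconds !== null && seconds <= maxAllowedSeconds };
  });
}

// Constructed sample responses; URLs and header values are illustrative only.
const SAMPLE = [
  { url: "https://example.org/verify.js", headers: { "Cache-Control": "public, max-age=86400" } },
  { url: "https://example.org/verify-revalidated.js", headers: { "Cache-Control": "no-cache", ETag: '"v2"' } },
  { url: "https://example.org/verify-proxied.js", headers: { "Cache-Control": "max-age=86400", Age: "80000" } },
  { url: "https://example.org/verify-unset.js", headers: { "Content-Type": "text/javascript" } },
];

console.log(auditScripts(SAMPLE, 3600)); // 3600 s limit is an assumed policy, not from the message
```

A response with no explicit lifetime is reported as failing because the reuse period is then left to each browser's heuristics.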