-
-
Notifications
You must be signed in to change notification settings - Fork 658
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Should 8.2.2 specifically allow for encrypted data #2029
Comments
Integrity protection does not protect against sensitive data leakage, e. g. sensitive data in JWT. In a way related to #1919. |
I agree, this is why I suggest encrypted and integrity-protected |
From V8 and sensitive information perspective, only the confidentiality-protection matters. |
To be fair @elarlang, the beginning of the chapter talks about the full CIA triad: |
Well, what problem we are solving here? Pointing to CIA... how talking about availability makes sense for this requirement? The requirement says, that verify that data stored in the client side does not contain sensitive data. It says quite clearly, what is the problem to solve - no plain-text readable sensitive data to the client side... |
Everyones favorite and freshly modified 8.2.2 says:
Options:
|
@jmanico do you think it is critical to allow encrypted data stored in browser storage? To be honest, I feel like I'd rather not add it to the requirement. |
If you must store sensitive data in the browser long term, then yes. Even better just don't store sensitive data in the browser long term. I think its way more critical to remove sensitive data via cache headers than it is to store it encrypted. So I think we are in sync, Josh. |
Ok so I think we will leave the requirement as it is for now without getting into the question of encryption. |
Jim made the following suggestion for 8.2.2 in this comment:
The current requirement says the following: (the session token aspect is under separate discussion)
Although I don't think we need to expand the current requirement, do we want to specifically allow for encrypted data to be stored in those mechanisms?
If so, do we also need to talk about key management?
The text was updated successfully, but these errors were encountered: