This section provides a few of the security considerations for the FedCM API. Note that there is a
@npm1 In the context of the Security Horizontal Review #652, should the Security Considerations section of the spec be consistently organised by the security risk/threat as opposed to the mitigation (one of them seems to be already)?
For instance, the Content Security Policy section could be titled 'Injection Attacks'. It could then introduce both the malicious Identity Provider (IdP) and endpoint XSS threats, followed by discussing CSP and the Sec-Fetch-Dest as mitigations for each.
This would make it similar to that discussed by other credential APIs, such as its parent's (I think parent) Security Considerations section.
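The issue above names Sec-Fetch-Dest as one of the mitigations the section could discuss. The following is an added illustration, not code from the issue or from the FedCM spec, of how an Identity Provider endpoint can check that header before treating a request as a browser-mediated FedCM fetch: browsers attach `Sec-Fetch-Dest: webidentity` to FedCM requests, and page scripts cannot set or forge Sec-Fetch-* headers, so its presence distinguishes a FedCM fetch from an ordinary script-initiated request to the same URL. The header dictionaries and endpoint names are constructed for the example.

```python
# Added example (not from the FedCM issue or spec): classify incoming requests
# to an IdP endpoint by the Sec-Fetch-Dest header the browser attaches to
# FedCM fetches. The request samples below are constructed, and the endpoint
# names are hypothetical.

EXPECTED_FETCH_DEST = "webidentity"


def classify_fedcm_request(headers: dict) -> tuple[bool, str]:
    """Return (accepted, reason) for a request hitting a FedCM IdP endpoint.

    Header names are compared case-insensitively, as HTTP header names are.
    """
    normalized = {name.lower(): value for name, value in headers.items()}
    dest = normalized.get("sec-fetch-dest")
    if dest is None:
        # No fetch metadata at all: curl, an old client, or a non-browser caller.
        return False, "missing Sec-Fetch-Dest; not a browser-mediated FedCM fetch"
    if dest != EXPECTED_FETCH_DEST:
        # A page script calling fetch() on the endpoint would carry e.g. "empty".
        return False, f"unexpected Sec-Fetch-Dest={dest!r}; expected {EXPECTED_FETCH_DEST!r}"
    return True, "ok"


def triage_requests(requests: list[dict]) -> list[dict]:
    """Run the check over a batch of requests and return an audit record per request."""
    records = []
    for req in requests:
        accepted, reason = classify_fedcm_request(req["headers"])
        records.append({"endpoint": req["endpoint"], "accepted": accepted, "reason": reason})
    return records


# Constructed sample requests against hypothetical IdP endpoint paths.
SAMPLE_REQUESTS = [
    {   # a genuine FedCM fetch issued by the browser
        "endpoint": "/fedcm/accounts",
        "headers": {"Sec-Fetch-Dest": "webidentity", "Origin": "https://idp.example"},
    },
    {   # a script-initiated fetch() from a page (browser sets a different dest)
        "endpoint": "/fedcm/accounts",
        "headers": {"sec-fetch-dest": "empty", "Origin": "https://rp.example"},
    },
    {   # a non-browser client with no fetch metadata
        "endpoint": "/fedcm/token",
        "headers": {"User-Agent": "curl/8.0"},
    },
]


if __name__ == "__main__":
    for record in triage_requests(SAMPLE_REQUESTS):
        print(record)
```

Only the first sample is accepted; the other two are rejected with a reason suitable for a server-side log line, which is the kind of signal a section organised by threat (request forgery against the IdP endpoint) and mitigation (fetch metadata check) would point at.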
Also, it is probably missing something on 'Credential Leakage' (similar to the credential management spec, which might be a sensible starter). XSS that steals the 'token': possibly usable by an attacker if a bearer token of some kind.
I would expect the primary organization (list) to be either by actions (each of which would have one or more identified vulnerabilities) or by vulnerabilities (each of which would have a list of actions where that vulnerability arises).
If primary organization is by actions, I would expect a second list of vulnerabilities, each with one or more (possible) mitigations.
Mitigations might then be a third list, each possibly with implementation details/suggestions.
FedCM/spec/index.bs, line 2501 in 8201e01