Re: packaged apps and origins

2013-04-26 Ben Adida
On 4/25/13 10:34 PM, jsmith.mozi...@gmail.com wrote:
> 1. It's way too late for this work for v1.01 (i.e. v1.01 OOS)
I want to emphasize that the current architecture is not just inconvenient, it breaks a ton of things, including all login solutions for packaged apps. This is a major problem

Re: packaged apps and origins

2013-04-26 Ben Adida
On 4/26/13 3:02 AM, Anne van Kesteren wrote:
> What is origin used for? Can Persona not use object-capabilities instead?
Do you mean that we should completely revamp the Persona protocol, including assertions to an origin and the way we present the login UI to users, because packaged apps don'

Re: packaged apps and origins

2013-04-25 Ben Adida
On 4/25/13 5:45 PM, Justin Lebar wrote:
> If apps are served from and signed by the marketplace, then any origin is okay (after review.)
I know that we rely on code review for a lot of security assurance questions, but it seems to me that allowing /any origin/ opens us up to attacks needlessly.

packaged apps and origins

2013-04-25 Ben Adida
Hi folks, I want to raise what I believe is a relatively urgent issue with packaged apps and web origins: https://bugzilla.mozilla.org/show_bug.cgi?id=852720 Currently, packaged apps run in an origin that is newly minted for each device installation, effectively a GUID that differs from d

New Module Proposal: Identity Attached Services

2013-01-28 Ben Adida
(cc dev-platform and governance, followup on dev-identity) Hi all, After initial discussions with Brendan and Mitchell, I'm proposing a new module, Identity Attached Services. https://wiki.mozilla.org/Modules/Other#IdentityAttachedServices This module covers server-side code and some clien