-
Notifications
You must be signed in to change notification settings - Fork 47
RelatedWork
Martin Paljak edited this page Apr 29, 2016
·
5 revisions
- https://wiki.mozilla.org/Privacy/Features/DOMCryptAPI
- http://www.w3.org/2014/07/permissions/
- http://www.w3.org/2009/dap/
- See WebIDL
- Morpho plugin https://chrome.google.com/webstore/detail/morpho-smartcard-access/eanapcfllikglcmjjboogimjjodcakgp
- Gemalto Sconnect https://chrome.google.com/webstore/detail/sconnect/mjhbkkaddmmnkghdnnmkjcgpphnopnfk
- Firebreath 2 http://www.firebreath.org/display/documentation/FireBreath+2.0%3A+Browser+Plugins+in+a+post-NPAPI+world
- http://www.w3.org/TR/app-privacy-bp/
- https://mikewest.github.io/spec-questionnaire/security-privacy/
- The user should have an option to permanently disable the functionality for a website (similar to geolocation)
- The user must be presented with a clear indication about the website which is asking for access to keys. Access which is not authorized by the user must be forbidden.
- sensitive operations should be possible only over secure channels (https/file/localhost)
- https://w3c.github.io/webappsec-secure-contexts/#examples-framed