[tbb-dev] Proposal for redesigning the security controls -- updated version

Georg Koppen gk at torproject.org
Tue Mar 6 17:21:00 UTC 2018

Georg Koppen:
> Hi all!
> Below is the updated version taking the feedback I got so far into
> account. If you think it did not address the points you brought up,
> please say so (and do so as well in case new issues popped up since the
> first draft got sent).
> We had quite some discussion about doing First Party Isolation (FPI) on
> top of the security slider. I think that idea is sufficiently complex
> that it merits an own proposal, especially as I still don't see how we
> can get it right. See bug 21034 for the context where at least one
> example is shown that the security provided by the slider gets actually
> worse with FPI. So, we seem to be in a situation that FPI both enhances
> and decreases the security benefits promised by the slider depending on
> the context and on users expectations which seems tricky to resolve.

After rethinking my example in #21034 I think I am not really convinced
that it is a good one for showing that FPI makes things worse.
Additionally, it seems to me the discussion we had so far about FPI for
security settings seems to have shifted from having '"Safe", "Safer",
and "Safest"'-per site (as in the bug) to "exceptions to Safer and
Safest"-per site. That might be a useful distinction for the discussion
of the slider and FPI.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20180306/6df900c6/attachment.sig>

More information about the tbb-dev mailing list