Re: Requesting comments on draft-cheney-safe-02.txt

Hector Santos <hsantos@santronics.com> Sat, 08 August 2009 15:49 UTC

Message-ID: <4A7D9E48.4010201@santronics.com>
Date: Sat, 08 Aug 2009 11:48:24 -0400
From: Hector Santos <hsantos@santronics.com>
Organization: Santronics Software, Inc.
To: "Cheney, Edward A SSG RES USAR USARC" <austin.cheney@us.army.mil>
CC: Rich Kulawiec <rsk@gsp.org>, ietf-smtp@imc.org
Subject: Re: Requesting comments on draft-cheney-safe-02.txt

Cheney, Edward A SSG RES USAR USARC wrote:

> Rich,
> 
> Users can only be protected from themselves through adherence to
> policies, procedures, and relevant training.  That is a leadership
> solution and not a technology solution.  Protecting users from themselves
> does not solve exploitable weaknesses in technology.  In these cases you
> have to simply fix the technology to disallow exploitation.  If this
> were not so software companies would not spend millions of dollars to
> continually patch their products if administrators and management could
> so easily retrain their users.

But what about market forces?

One of your concerns is embedded software backend communications, i.e.
cross domain xtalk unbeknownst to the users with embedded plugins like
the following:

     - Flash
     - Quicktime
     - Real Player
     - Silverlight
     - Windows Media Player (WMP)

All of these players (including Apple, Google, AT&T, ComCast and so 
on) have a major strategy to add MORE background communications in 
their designs to "network" users and also build their BI for added 
value services (direct marketing, social networking).

AJAX is being relaxed for cross domain requests as well as IE already
allows with user authorization.

I know only of WMP and Flash having a domain whitelist for cross
domain xtalk.  That is one of the big features in Flash 9.

I understand what you mean.  Do you realize we have a 15 year old that
is among the decision makers in how Firefox and JavaScript are
evolving?  He is also the author of jQuery. It's scary to see this guy
in action exhibiting lack of social ethical engineering understanding
at times. I tried to provide some insight about all this - beware of
what you are wanting to do.

But it's really too late.

What I have trouble seeing is how SMTP will help.  But you have two parts:

    - Some authorization protocol using SMTP (I think), that
      is coupled with,

    - Prohibition of existing Interactive methods, i.e. DOM
      events.

I don't see how the two are related or why DOM events can no longer be
used.

You are not going to stop DOM events, or even get people to consider
not using it. So if that is a major part of SAFE, you already have a
major roadblock in getting people interested in SAFE. Never mind the
technical issues related to an SMTP callback system especially one that
will be based on HTTP huge redundancy in HTTP requests.

-- 
Sincerely

Hector Santos
http://www.santronics.com