I believe both the Android Intent solution and the Google/Mozilla/Microsoft
take on native messaging are vulnerable to phishing attacks which has bearing
on authentication solutions. That is, the unavailability of a security context
to the called application represents a problem including the p
On Wednesday, November 30, 2016 at 5:42:30 PM UTC+1, Anders Rundgren wrote:
> It is a pity that external tokens have become the
> focus when the majority will rather rely on embedded
> security solutions which nowadays is a standard feature
> in Android and Windows platforms.
Slight clarification
Thanks very much for the detailed comments Joe.
tl;dr We have to wrap this up tonight (W3C vote deadline) and I'm
pretty sure I've captured the suggestions you've made (greatly
appreciated) with public github issues (which hopefully you've
received notifications thereof).
public github issues fi
On Wed, Nov 30, 2016 at 1:24 PM, Karl Tomlinson wrote:
> Gregory Szorc writes:
>
> > On Wed, Nov 30, 2016 at 12:40 PM, Karl Tomlinson
> wrote:
> >> When history is rewritten, is there a way to view the original
> >> history through the web interface, so that autoland tinderbox
> >> builds can be
Gregory Szorc writes:
> On Wed, Nov 30, 2016 at 12:40 PM, Karl Tomlinson wrote:
>> When history is rewritten, is there a way to view the original
>> history through the web interface, so that autoland tinderbox
>> builds can be used to find regression ranges?
>
> No. Rewritten changesets should r
On 11/29/16 10:24 AM, m...@devries.jp wrote:
On Tuesday, November 29, 2016 at 4:17:21 PM UTC+1, Boris Zbarsky wrote:
Is anyone actually doing this in
practice, though?
I'm not sure.
OK. That's the part that really matters, in some ways. Everyone agrees
there are theoretical good things th
On Wed, Nov 30, 2016 at 12:40 PM, Karl Tomlinson wrote:
> Gregory Szorc writes:
>
> > When the autoland repository was introduced, it was advised to not pull
> > from this repository because we plan to do rewrites like this frequently
> in
> > the future. So if this rewriting impacted your local
Gregory Szorc writes:
> When the autoland repository was introduced, it was advised to not pull
> from this repository because we plan to do rewrites like this frequently in
> the future. So if this rewriting impacted your local repo and you aren't a
> sheriff, you should consider changing your wo
There was a sub-optimal landing in the autoland repository. Long story
short, we rewrote a handful of changesets on the autoland repository and
their corresponding pushlog entries.
Accidental fallout from the rewrite was all autoland requests queued since
the tree was closed ~14 hours ago failed.
It is a pity that external tokens have become the focus when the majority will
rather rely on embedded security solutions which nowadays is a standard feature
in Android and Windows platforms.
On Tuesday, November 15, 2016 at 8:47:49 PM UTC+1, JC Jones wrote:
> Apologies, this got caught in a fi
As of Firefox 53, we are intending to switch Firefox on mac from a
universal x86/x86-64 build to a single-architecture x86-64 build.
To simplify the build system and enable other optimizations, we are
planning on removing support for universal mac build from the Mozilla build
system.
The Mozilla
On Tue, 29 Nov 2016, at 15:17, Boris Zbarsky wrote:
> > I understand the privacy concerns, but why can't these be handled similar
> > to the Geolocation API? Ask permission to use / user opts in.
>
> Because prompting users is generally an antipattern. If, as a user, you
> got a battery API pro
On Tuesday, November 29, 2016 at 10:01:38 PM UTC+1, Nicholas Alexander wrote:
Hi Nick,
Many thanks for your elaborate comments!
If we begin with security, Android already allows Web-sites to invoke apps
which they have no specific relation to using the custom URI scheme. I don't
see that the ab
13 matches
Mail list logo
