CloudServices/Notifications/Push/Security: Difference between revisions

(Created page with "Push notifications are a way for websites to send lightweight messages to users when the user is not on the site. They will be similar to push notifications for iOS or Android de...")
 
Diff starting at line 35 of both revisions. The extracted side-by-side view is shown here as the old revision followed by the new revision.

<b>Old revision</b>

== Security Considerations ==

* Authentication is undecided
* Authorization is handled by the <b>Push Service</b>, which knows that a queue is mapped to a certain (domain, user) pair
* Each queue is a unique, opaque URL

=== Device to Push Service ===

* How to authenticate a <b>Device</b>?

=== App (Server) to Push Service ===

* How to authenticate an <b>App (Server)</b>?

<b>New revision</b>

== Security Considerations ==

A mailbox URL is an opaque random string that lets a domain send messages to a <b>Device</b>.

=== App (Server) trust ===

* Authentication: provision an API key for the app which must be sent with all requests
* Authorization: match the API key to the expected mailbox domain

=== Device trust ===

* Authentication: provision a device token the first time we need to set up a mailbox
* Authorization: only display messages for mailboxes matching the token

=== Spoofing ===

* Include origin domain when displaying messages
* Enforce same-origin policy for action URLs

=== Message Encryption ===

TODO
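The trust model sketched in the new revision above (a mailbox URL that is an opaque random string, an API key matched to the mailbox's domain, a device token matched to its mailboxes, the origin domain shown with every message, and a same-origin check on action URLs) can be exercised end to end in a small simulation. The following Python is an added example, not code from the Mozilla push service or from this wiki page; the push.example host, the 32-byte token length, and the assumption that an app's origin is https://<domain> on port 443 are all constructed for the example.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple
from urllib.parse import urlsplit

# Constructed host for the example; a real service would use its own prefix.
MAILBOX_PREFIX = "https://push.example/mailbox/"


@dataclass
class Message:
    origin: str                    # domain of the sending app, always shown to the user
    body: str
    action_url: Optional[str] = None


def same_origin(action_url: str, app_domain: str) -> bool:
    """Assumption for this example: an app's origin is https://<domain> on port 443."""
    parts = urlsplit(action_url)
    port = parts.port if parts.port is not None else 443
    return parts.scheme == "https" and parts.hostname == app_domain.lower() and port == 443


def render(msg: Message) -> str:
    """Spoofing mitigation: include the origin domain whenever a message is displayed."""
    return f"[{msg.origin}] {msg.body}"


class PushService:
    def __init__(self) -> None:
        self._api_keys: Dict[str, str] = {}                # API key -> app domain
        self._devices: Set[str] = set()                    # provisioned device tokens
        self._mailboxes: Dict[str, Tuple[str, str]] = {}   # mailbox id -> (domain, device token)
        self._queues: Dict[str, List[Message]] = {}        # mailbox id -> pending messages

    # --- provisioning ---------------------------------------------------
    def register_app(self, domain: str) -> str:
        """App (Server) authentication: provision an API key bound to one domain."""
        key = secrets.token_urlsafe(32)
        self._api_keys[key] = domain.lower()
        return key

    def register_device(self) -> str:
        """Device authentication: provision a device token the first time a mailbox is set up."""
        token = secrets.token_urlsafe(32)
        self._devices.add(token)
        return token

    def create_mailbox(self, device_token: str, domain: str) -> str:
        """Mint an opaque, unguessable mailbox URL that lets `domain` message this device."""
        if device_token not in self._devices:
            raise PermissionError("unknown device token")
        mailbox_id = secrets.token_urlsafe(32)
        self._mailboxes[mailbox_id] = (domain.lower(), device_token)
        self._queues[mailbox_id] = []
        return MAILBOX_PREFIX + mailbox_id

    # --- App (Server) -> Push Service -----------------------------------
    def send(self, mailbox_url: str, api_key: str, body: str,
             action_url: Optional[str] = None) -> bool:
        """Accept a message only if the API key is valid, owns the mailbox's domain,
        and any action URL is same-origin with that domain; return False otherwise."""
        domain = self._api_keys.get(api_key)
        if domain is None:
            return False                                    # authentication failed
        if not mailbox_url.startswith(MAILBOX_PREFIX):
            return False                                    # not one of our mailbox URLs
        mailbox_id = mailbox_url[len(MAILBOX_PREFIX):]
        entry = self._mailboxes.get(mailbox_id)
        if entry is None or entry[0] != domain:
            return False                                    # authorization failed: wrong domain
        if action_url is not None and not same_origin(action_url, domain):
            return False                                    # cross-origin action URL rejected
        self._queues[mailbox_id].append(Message(domain, body, action_url))
        return True

    # --- Push Service -> Device -----------------------------------------
    def fetch(self, device_token: str) -> List[Message]:
        """Deliver only messages for mailboxes bound to this device token."""
        delivered: List[Message] = []
        for mailbox_id, (_domain, token) in self._mailboxes.items():
            if hmac.compare_digest(token, device_token):
                delivered.extend(self._queues[mailbox_id])
                self._queues[mailbox_id] = []
        return delivered


if __name__ == "__main__":
    svc = PushService()
    news_key = svc.register_app("news.example")
    phone = svc.register_device()
    mailbox = svc.create_mailbox(phone, "news.example")
    svc.send(mailbox, news_key, "Breaking story", action_url="https://news.example/story/1")
    for m in svc.fetch(phone):
        print(render(m), m.action_url)
```

The mailbox id is never derived from the (domain, device) pair, so knowing one mailbox URL reveals nothing about any other; the API key decides which domain a sender may speak for, and the device token decides which mailboxes a device may read. In a real deployment the service would store only hashes of the API keys and device tokens and would rate-limit failed lookups, neither of which this sketch does.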


== Prior Art ==