WebFund 2013F Lecture 14: Difference between revisions
Created page with "Audio from the lecture given on November 6, 2013 is available [http://homeostasis.scs.carleton.ca/~soma/webfund-2013f/lectures/comp2406-2013f-lec14-06Nov2013.m4a here]." |
No edit summary |
||
| Line 1: | Line 1: | ||
Audio from the lecture given on November 6, 2013 is available [http://homeostasis.scs.carleton.ca/~soma/webfund-2013f/lectures/comp2406-2013f-lec14-06Nov2013.m4a here]. | Audio from the lecture given on November 6, 2013 is available [http://homeostasis.scs.carleton.ca/~soma/webfund-2013f/lectures/comp2406-2013f-lec14-06Nov2013.m4a here]. | ||
==Notes== | |||
November 6, 2013 | |||
* Sandbox | |||
** [[File:nov6a.png]] | |||
*** Untrusted Applet restrictions | |||
**** Only portion of screen | |||
**** No file i/o | |||
**** Same origin policy for the network | |||
***** Download a program from the internet? It can’t just access anything on the internet | |||
***** Can only talk to the server from which it was downloaded | |||
*** If an applet is signed? You can trust it. | |||
*** Digital signature/certificate | |||
**** Certificates are containers for digital signatures | |||
**** (ps,pp) | |||
**** S = ps(h(d)), pp(s)=h(d) | |||
***** You know it could only come from someone who had ps | |||
****** Not only do I have the hash? I have the hash that was produced by someone who has this secret key which corresponds to this public key | |||
****** How do you know you have the right public key? Get it signed | |||
****** Certificates are public keys plus meta data along with signatures of the public key | |||
**** [[File:nov6b.png]] | |||
**** Sender encrypts with private key | |||
*** No digital signatures on javascript code you download into your browser | |||
**** Have to live with restrictions | |||
**** Sandbox is taking over your whole computer | |||
Latest revision as of 16:27, 10 November 2013
Audio from the lecture given on November 6, 2013 is available here.
Notes
November 6, 2013
- Sandbox
- Untrusted Applet restrictions
- Only portion of screen
- No file i/o
- Same origin policy for the network
- Download a program from the internet? It can’t just access anything on the internet
- Can only talk to the server from which it was downloaded
- If an applet is signed? You can trust it.
- Digital signature/certificate
- Certificates are containers for digital signatures
- (ps,pp)
- S = ps(h(d)), pp(s)=h(d)
- You know it could only come from someone who had ps
- Not only do I have the hash? I have the hash that was produced by someone who has this secret key which corresponds to this public key
- How do you know you have the right public key? Get it signed
- Certificates are public keys plus meta data along with signatures of the public key
- You know it could only come from someone who had ps
- Sender encrypts with private key
- No digital signatures on javascript code you download into your browser
- Have to live with restrictions
- Sandbox is taking over your whole computer
- Untrusted Applet restrictions
