You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I wrote a short note with some thought of how to extend the CV concept to provide better assurance to end users, using a PKI similar to what exists for TLS. Such PKI could allow developers to describe the functionality of their web applications, auditors to vouch for the implementation of these applications, and end-users to access that information. See https://shaih.github.io/pubs/webapps.pdf
I believe that this direction can make a real difference in web security, well beyond just Meta applications.
The text was updated successfully, but these errors were encountered:
I wrote a short note with some thought of how to extend the CV concept to provide better assurance to end users, using a PKI similar to what exists for TLS. Such PKI could allow developers to describe the functionality of their web applications, auditors to vouch for the implementation of these applications, and end-users to access that information. See https://shaih.github.io/pubs/webapps.pdf
I believe that this direction can make a real difference in web security, well beyond just Meta applications.
The text was updated successfully, but these errors were encountered: