Julien Vehent
Julien Vehent
I'm not sure what you are asking beyond some more examples... I'm happy to update the doc where needed, but without knowing what you don't yet understand, it's sort of...
AFW doesn't really have a roadmap. Features are added as needed. IPv6 support will be added when I use AFW in an IPv6 environment (which is not the case at...
I don't have context here but based on the demo page, this looks like a form submission tool where user A posts data that user B needs to read. The...
I don't think that works. User B creates key `xxxxxxxxx` and sends user A a URL such as `https://my.kinto.server/form?key=xxxxxxxxx` User A enters the URL in her browser, which immediately sends...
The fragment should not be sent to the server indeed. It's probably going to work, but it's a rather weird flow because the form owner now needs to keep a...
It's an imperfect security model because an attacker that wants access to the cleartext can force the server to send javascript that steals the decryption key. You'll only be protecting...
The fundamental question is: if users don't trust the people operating the database, why would they trust the same people to keep the javascript safe? SRI and content signature still...
In which case, the formbuilder can SRI the javascript from kinto, but users still trust the formbuilder to not backdoor the JS. Same concept, with more parties involved.
For the threat model you're describing, I think your approach is correct. I'd recommending adding that information in the README though.
Is this about add-on verification?