Move Security section to the end. Fix HTML errors. #436
Conversation
|
|
||
| <section> <h3>Chain of trust</h3> | ||
| <p> | ||
| Web pages using Web NFC are not trusted. |
There was a problem hiding this comment.
Content of Security section will be updated in a future PR.
| Web pages using Web NFC are not trusted. | ||
| This means that the user needs to be aware of exactly what a web page is | ||
| intending to do with NFC at any given moment. Implementations need to | ||
| make sure that when the user authorizes a method of this API, then only that |
There was a problem hiding this comment.
'authorizes a method of this API' sounds cryptic
| </section> | ||
| <section> <h4>Restrict automatic handling</h4> | ||
| <p> | ||
| The payload data on <a>NFC content</a> is untrusted, and must not be used |
There was a problem hiding this comment.
But people can use signature records to make it trusted
There was a problem hiding this comment.
a malicious third party could delete the signature record from the NDEF message or
attach a new signature record to prevent the user from noticing any malicious change of content.
There was a problem hiding this comment.
But with the right policies in place it should be indeed fine (trusted).
Anyway, content changes come in a next PR.
|
Can you split this CL in two CLs so that it's easier to review? |
|
There is no content change yet, just moved the Security section to the end, added missing closing tags and changed Purely syntactic changes, in that sense, this is the split, before I make content changes. |
|
I was confused as @kenchris was suggesting changes. |
Signed-off-by: Zoltan Kis <zoltan.kis@intel.com>
Good idea. I've run tidy and fixed a few more errors. |
To editors: please take attention to close tags. Browsers do complete them, but tools will complain.
Also, no flow content inside
<p>.Will continue with the Security section in a subsequent PR, this is to have a corrected baseline.
Signed-off-by: Zoltan Kis zoltan.kis@intel.com
Preview | Diff